DOD seeks defense against denial-of-service attacks

The Defense Information Systems Agency wants info on commercially available security products

The Defense Information Systems Agency wants commercial products that could help network administrators detect and react to distributed-denial-of-service (DDOS) attacks, according to a request for information posted today.

In such attacks, an individual or group attempts to bring down a Web site by overwhelming it with traffic.

The agency is interested in solutions that could give administrators a clear and timely picture of what is happening on their networks, alert them in the event of suspicious activity and provide options for mitigating attacks, the notice states.

“The goal of this solution is to detect and mitigate all DDOS attempts to disrupt [Defense Department] network communications and to detect internal assets displaying anomalous behavior across the Internet-to-NIPRnet boundary,” the notice states.

In some cases, hackers use malicious code to hijack the computers of unsuspecting users and turn them into zombie machines with instructions to repeatedly send data packets to targeted Web servers to overwhelm them and knock the sites off-line.

Last week, hackers used that type of attack on government and private-sector Web sites in the United States and South Korea, with varying degrees of success.

According to a report in the Wall Street Journal last week, DOD officials confirmed that their networks had been struck. But the officials said the intrusions were detected quickly and did no real damage. Other U.S. government Web sites reportedly didn’t fare as well.

Meanwhile, the Associated Press reported last week that the Treasury Department, Secret Service, Federal Trade Commission and Transportation Department Web sites were all down at certain points. The article cited officials inside and outside the government.

In the RFI, DISA said it’s interested in a tool that can report DDOS events within five minutes of the start of the attack. Officials also want the solution to monitor inbound and outbound traffic at 11 worldwide Internet-to-NIPRnet access points.

The RFI asks vendors to provide details on proposed solutions’ capabilities for detection, mitigation, monitoring, logging, reporting and alerting. DISA also wants information on proposed systems’ security, administration and architectures, along with cost and schedule estimates.

About the Author

Ben Bain is a reporter for Federal Computer Week.
