DOD defends Web site shutdown

Military officials continue to defend the decision to shut down public access to hundreds of Web sites to thwart the Code Red worm, but they also say they have learned from the experience and may do things differently in the future.

The Defense Department already has increased the capacity of some of its central processing units to handle messages and avoid being overloaded during a so-called denial-of-service attack. That means officials likely will be more selective in cutting off public access in the future. "Just like we do surgical strikes in the Air Force, we are now starting to figure that this is warfare out there on these nets, and if there are certain [IP] addresses that can be turned back on, we can selectively turn those addresses on to allow critical information flow," said Lt. Gen. Harry Raduege, director of the Defense Information Systems Agency.

Officials in each military service also are scrambling to come up with a standard procedure so that they can continue operating as normally as possible when networks are under attack.

Although Code Red is now largely dismissed as having been ineffective, it didn't appear harmless to the Pentagon when the worm first hit in late July. CPUs at 16 DOD Internet connections started to reach 80, 90, even 100 percent of load capacity, Raduege said. They normally operate at 10 percent. Raduege and Maj. Gen. David Bryan, commander of the Joint Task Force Computer Network Operations, began working with DOD's Computer Emer.gency Response Team and with industry representatives working in the Global Network Operations Security Center. Not responding would have brought everything crashing down, Raduege said.