[ISN] DOD cyber sleuths swap secrets in Florida

InfoSec News isn at c4i.org
Thu Jan 13 11:19:36 EST 2005

Forwarded from: William Knowles <wk at c4i.org>


By Paul Roberts
IDG News Service

The U.S. Department of Defense is making changes to streamline its 
response to online threats across the various branches of the 
military, and deal with a steady stream of new online woes, from 
hacking attempts to child pornography and threats posed by powerful 
portable storage devices such as iPods, according to senior DOD 

The DOD blocked and traced 60,000 intrusion attempts on its 
unclassified networks in 2004, and wrestles with spam, illicit 
pornography and other common Internet threats. If left to fester the 
threats could hamper the massive defense agency, which relies on 
global, unclassified networks for critical business operations, said 
Lieutenant General Harry Raduege, director of the Defense Information 
Systems Agency. 

Raduege was speaking at the Department of Defense Cyber Crime 
Conference in Palm Harbor, Fla., an annual gathering of some of the 
government's top IT, computer forensic and research and development 

The DOD is taking the threat to its networks seriously, as global 
information networks now play a crucial role supporting troops abroad, 
as well as critical logistics, financial, and medical information 
systems that the DOD relies on to support its employees and to 
communicate with suppliers in the U.S. and abroad, he said. 

"The importance of reliable, accessible networks is growing as we move 
to a netcentric world," he said.

Larger, more open networks provide more opportunities for malicious 
hackers or terrorist groups to infiltrate those networks, stealing 
sensitive information or wreaking havoc on DOD operations, he said. 

The DOD is drafting organization-wide policies to respond to a number 
of threats that are well known to many private sector network 
administrators, including peer-to-peer file sharing applications, and 
vulnerable computer communications ports and protocols, he said. 

The DOD is also working to develop a list of IP addresses for a "do 
not block list" so that critical DOD communications are not 
accidentally blocked by ISPs and other organizations, he said. 

Networks that contain classified information are not connected to the 
public Internet and are not affected by the same threats that affect 
unclassified department networks, he said. 

A reorganization approved by the Joint Chiefs of Staff in Nov. 2004, 
should make it easier for the government to coordinate its response to 
cyber threats and create more discipline on DOD networks by creating 
clear lines of command from the U.S. Secretary of Defense, to the 
DOD's Strategic Command, to the various branches of the military, 
Raduege said. 

Asked whether the U.S. public should feel confident that the 
government is on top of cyber crime, Raduege said that the 
government's preparedness to deal with online threats had improved 
dramatically since the first "Solar Sunrise" exercise in the late 

"We're good. We're very good," he said.

With the theme of "Cyber crime: overcoming the challenges of new 
technology," the 4th annual DOD Cyber Crime Conference brought 
together 500 experts in technology, law and computer forensics to 
discuss ways to improve computer investigations, protect government 
networks from attack and coordinate the response to computer threats 
across the huge military and defense sectors. 

The conference offered a diverse set of mostly closed-door sessions, 
with topics such as "Cyber Jihad and the Globalization of Warfare" and 
"Current Trends in Digital Forensics." 

Child pornography has become a huge problem for DOD investigators, 
accounting for as much as 50% of the criminal digital evidence 
processing work done by the DOD's Defense Cyber Crime Center (DC3), 
said Steven Shirley, executive director of DC3. 

The proliferation of inexpensive digital cameras and scanners has 
caused instances of child pornography to mushroom in the military, as 
elsewhere in society, said Jim Christy, director of the Defense Cyber 
Crime Institute at DC3. 

Other hot topics at the show were techniques for capturing and 
analyzing data from a flood of new digital storage media, including 
Apple Inc. iPods, GPS (Global Positioning System) devices and portable 
USB (Universal Serial Bus) memory sticks, Christy said. 

Government investigators working on cases, ranging from homicides to 
espionage, need to be aware of the wide range of new places that 
valuable information could be stored, he said. 

"Twenty years ago, investigators used to walk right past the desktop 
computer when they were gathering evidence. Now they know enough to 
seize that, but we've got to get them to be aware of these other 
devices," he said. 

"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
C4I.org - Computer Security, & Intelligence - http://www.c4i.org

More information about the ISN mailing list