Navy-Marine Corps Intranet Girds For Cyber-Attacks

Information superiority is a key goal as the department moves into the 21st century, said Scott Henderson, the NMCI information assurance division chief with the Space and Naval Warfare Systems Command, San Diego. Safeguarding that information, he added, is crucial to mission success.

"One of our critical capabilities will be how we are able to defend our information and our information systems from an adversary's attack," Henderson said June 26 at an NMCI news conference, here. "The Navy-Marine Corps Intranet will be one of the primary vehicles within the Department of the Navy to actually achieve that mission."

The $6 billion, NMCI network is DoD's largest information technology contract ever, Pentagon officials noted. The system is slated for completion in 2003 and will consolidate 200 separate Navy and Marine Corps computer systems involving some 400,000 desktop machines. Army and Air Force computer systems, officials said, will be interoperable with the NMCI.

While the NMCI consolidation should save the Navy about $2 billion over the life of the initial five-year contract, Henderson said the system would be useless if hackers can compromise it at will.

He pointed out that the threat to DoD information systems has increased in recent years. For example, successful intrusions, or attacks, on Navy computer systems increased from 89 in 2000 to 125 so far this year, according to Navy documents.

The number and types of detected computer viruses have also grown each year, Henderson noted, a reflection of computer hackers' increased skills and organization.

To "harden" it against possible intrusions, Henderson said the NMCI will feature security operations cells located with each of the system's six network operation centers at Quantico and Norfolk, Va.; Jacksonville, Fla.; Oahu, Hawaii; San Diego; and Puget Sound, Washington. The Norfolk network operations center is slated to start operations July 9, Henderson said.

Technicians at each NOC -- using standardized security policies and procedures -- will oversee network firewalls, virus and content scanning, encryption management, remote access servers, and other safeguards, he said. Security initiatives, he added, will also include incident detection and response capabilities.

Henderson remarked that the NMCI system features five principal information assurance or security properties:

• Availability – Authorized users can properly access online information systems.
• Integrity – Safeguard information or communications from modification by unauthorized users.
• Authentication – A degree of certainty or assurance that information/communications are provided by authorized sources.
• Confidentiality – Only authorized individuals have access to sensitive information.
• Non-repudiation – There is some proof of sending and receiving information/communications for tracking/documentation purposes.

"We have implemented protection mechanisms to provide each of these five services," Henderson said of NMCI security initiatives.

He said the completed NMCI network would use an interconnected, "defense-in-depth" infrastructure that acts as both a barrier and as an early-warning detection system to ward off or provide rapid response to potential cyber attacks.

Henderson opined that better government intrusion detection systems and increased hacker attacks combined to produce more than 23,000 detected "events" or possible incursions on DoD unclassified computer networks in 2000, compared to 225 such incidents in 1994.

"It just shows the magnitude of the problem out there," he said. "The number of hackers is increasing and their capabilities are also increasing."