NMCI to shore up security
Intruders have exploited defenseless Navy networks, but NMCI has proven to be much more secure
Some Navy networks have virtually no protection from cyberattacks, according to the officer who spearheads the Navy's efforts to assess network security.
Such vulnerabilities have resulted in 40 instances of root access to Navy systems this year, including some that took days to detect, said Capt. Jim Newman, who leads the Navy's "Red Team," the group of 20 sailors and civilian personnel who attempt to break network defenses.
Newman said the Navy Marine Corps Intranet has proven to be much more secure and offers some inherent security advantages.
So far this year, the Navy has tracked some 16,000 incidents where somebody attempted to enter a Navy system. Of those, about 400 were considered significant attempts to obtain root access — the level at which someone can access the network's functions. Of those attempts, about 40 succeeded in gaining root access, Newman said during a Nov. 13 press briefing.
Navy officials acknowledged that although some of the service's networks are well-protected — especially those used at sea for warfighting — some of the shore networks have little or no protection.
In a typical test of the Navy's existing shore-based networks, the Red Team can find 40,000 to 150,000 vulnerabilities in a network of about 8,000 machines, Newman said.
During the past two years, the Navy has been hardening the most critical systems, he said, and the service has developed a multilevel defensive system where an intruder might be able to access less-sensitive systems but would be barred from more critical data.
Meanwhile, the Navy has started rolling out the $6.9 billion NMCI, which Newman said will enhance the service's network security stature. "On the shore side, NMCI is building a defensible network structure," he said.
During a recent similar test of the NMCI network operations centers, the Red Team found no vulnerabilities. "That is NMCI," Newman said.
In part, NMCI will streamline the Navy's network functions by centralizing management of the Navy's network. Currently, the scores of Navy networks are operated independently, Newman said, and they often have different security policies and standards. Without standardization, adding applications or updating software can create security vulnerabilities, he said.
NMCI also will provide users with training about the importance of security and their role in securing the network, Newman said, something that has not existed previously.
The centralized network also will enable the best-trained personnel to work on the overall network.
Among the NMCI service-level agreements are security standards that include defeating Red Team attacks on the system, said Garnet Smith, a project manager with the Space and Naval Warfare Systems Command.
NMCI has just started to be rolled out across the Navy. The first 550 seats were recently rolled out at the Naval Air Facility, Washington, D.C.
NEXT STORY: O'Keefe picked for NASA post