Army plans network fortification

Army officials expect to spend millions of dollars as early as next year to fortify networks that are increasingly becoming the targets of cyberattacks, according to service and industry officials.

Army officials approved the computer security procurement because the service needs secure domestic networks to support more mobile and rapidly deployable forces, they said.

Budget constraints are hampering funding efforts, but the Army is in dire need of new security products, said industry officials familiar with the situation. They cite an instance in August 2003 and another in January in which hackers attacked systems at an important U.S. installation.

Companies vying for the Army work include IBM Corp., NCI Information Systems Inc., Net Direct Systems and Symantec Corp. Industry officials acknowledged discussions with the service about the project, sometimes called the secure server initiative, but

declined to comment because of national security and business

concerns.

Army officials will study current and future forms of computer network attacks in preparation for the procurement. In early 2005, they will finish the work detailed in a requirements document that identifies information technologies that are ready or in development, said Joe Capps, director of the Enterprise Systems Technology Activity in the Army's Network Enterprise Technology Command (Netcom) at Fort Huachuca, Ariz. Netcom oversees the operation of service networks.

"What's the next step?" Capps asked, referring to the project's focus. Finding "the groundbreaking technology of the future."

Army officials started working on the computer security document in May and conducted research by talking to service IT officials and companies about network threats.

Defense Department acquisition policy mandates that agencies and services must have requirements documents before proceeding with procurements. Capps said he does not know when the Army will release a request for proposals for the next-generation computer security product program.

Army officials want to conduct a comprehensive procurement that would allow all IT companies to submit proposals. They decided against a fast, finite procurement that would allow only a few firms to bid for the contract, said another industry official.

Capps said companies interested in submitting solutions should make them cost-effective.

The requirements document marks another step taken by Army officials during the past year to strengthen their networks (see box).

Army officials have identified the threat, implemented policy and considered new security solutions and controls, said John Pescatore, vice president of Internet security at Gartner Inc.

But the government's slow procurement process and the rapidly changing cyberthreat environment sometimes inhibits this strategy. A buy-a-little, test-a-little approach can give government and industry officials a quick, significant improvement in security and make them better prepared for the next worm or virus attack, Pescatore said.

Army policy forbids discussing computer network intrusions and vulnerabilities. As a result, Capps and Lt. Gen. Steve Boutelle, the service's chief information officer, declined to comment on hackers' attempts to break into Army networks last summer and earlier this year.

But Boutelle commented on the volume of cyberattacks his networks experience. "We get hammered all the time," Boutelle said, declining to elaborate.

Industry officials said they can fix the Army's computer security problems because their products can close holes in networks, correct flawed code in commonly used software and monitor systems for

intrusions.

Capps said new computer security products can not only protect Army networks but also decrease the costs of operating and maintaining systems. At the same time,

security technologies can increase soldiers' use of and confidence in voice, video and data communications, helping the military's network-centric warfare strategy to evolve, he said.

The Army's latest security initiative will build on its long-standing defense-in-depth strategy, officials say. It creates several layers of hardware and software that hackers must penetrate to access classified and unclassified but sensitive information.

Army officials use secure routers to block unauthorized access to their networks. They also use software to stop entry and guard against network attacks including computer worms and viruses, according to Army documents.

Service officials operate several organizations and get help from DOD offices to protect networks. Netcom operates, manages and defends service systems with help from the Army Intelligence and Security Command at Fort Belvoir, Va., which oversees the Land Information Warfare Activity and the Army Computer Emergency Response Team.