DOD cyber sleuths swap secrets in Florida

Cybersecurity officials hope to develop new ways to respond to online threats.

The U.S. Department of Defense (DOD) is making changes to streamline its response to online threats across the various branches of the military, and deal with a steady stream of new online woes, from hacking attempts to child pornography and threats posed by powerful portable storage devices such as iPods, according to senior DOD officials.

The DOD blocked and traced 60,000 intrusion attempts on its unclassified networks in 2004, and wrestles with spam, illicit pornography and other common Internet threats. If left to fester the threats could hamper the massive defense agency, which relies on global, unclassified networks for critical business operations, said Lieutenant General Harry Raduege, director of the Defense Information Systems Agency.

Raduege was speaking at the Department of Defense Cyber Crime Conference in Palm Harbor, Florida, an annual gathering of some of the government's top IT, computer forensic and research and development talent.

The DOD is taking the threat to its networks seriously, as global information networks now play a crucial role supporting troops abroad, as well as critical logistics, financial, and medical information systems that the DOD relies on to support its employees and to communicate with suppliers in the U.S. and abroad, he said.

"The importance of reliable, accessible networks is growing as we move to a netcentric world," he said.

Larger, more open networks provide more opportunities for malicious hackers or terrorist groups to infiltrate those networks, stealing sensitive information or wreaking havoc on DOD operations, he said.

The DOD is drafting organization-wide policies to respond to a number of threats that are well known to many private sector network administrators, including peer to peer (P-to-P) file sharing applications, and vulnerable computer communications ports and protocols, he said.

The DOD is also working to develop a list of IP (Internet protocol) addresses for a "do not block list" so that critical DOD communications are not accidentally blocked by ISPs (Internet service providers) and other organizations, he said.

Networks that contain classified information are not connected to the public Internet and are not affected by the same threats that affect unclassified department networks, he said.

A reorganization approved by the Joint Chiefs of Staff in Nov. 2004, should make it easier for the government to coordinate its response to cyber threats and create more discipline on DOD networks by creating clear lines of command from the U.S. Secretary of Defense, to the DOD's Strategic Command, to the various branches of the military, Raduege said.

Asked whether the U.S. public should feel confident that the government is on top of cyber crime, Raduege said that the government's preparedness to deal with online threats had improved dramatically since the first "Solar Sunrise" exercise in the late 1990s.

"We're good. We're very good," he said.

With the theme of "Cyber crime: overcoming the challenges of new technology," the 4th annual DOD Cyber Crime Conference brought together 500 experts in technology, law and computer forensics to discuss ways to improve computer investigations, protect government networks from attack and coordinate the response to computer threats across the huge military and defense sectors.

The conference offered a diverse set of mostly closed-door sessions, with topics such as "Cyber Jihad and the Globalization of Warfare" and "Current Trends in Digital Forensics."

Child pornography has become a huge problem for DOD investigators, accounting for as much as 50 percent of the criminal digital evidence processing work done by the DOD's Defense Cyber Crime Center (DC3), said Steven Shirley, executive director of DC3.

The proliferation of inexpensive digital cameras and scanners has caused instances of child pornography to mushroom in the military, as elsewhere in society, said Jim Christy, director of the Defense Cyber Crime Institute at DC3.

Other hot topics at the show were techniques for capturing and analyzing data from a flood of new digital storage media, including AppleĀ iPods, GPS (Global Positioning System) devices and portable USB (Universal Serial Bus) memory sticks, Christy said.

Government investigators working on cases, ranging from homicides to espionage, need to be aware of the wide range of new places that valuable information could be stored, he said.

"Twenty years ago, investigators used to walk right past the desktop computer when they were gathering evidence. Now they know enough to seize that, but we've got to get them to be aware of these other devices," he said.

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies