DOD cyber sleuths swap secrets in Florida

The U.S. Department of Defense (DOD) is making changes to streamline its response to online threats across the various branches of the military, and deal with a steady stream of new online woes, from hacking attempts to child pornography and threats posed by powerful portable storage devices such as iPods, according to senior DOD officials.

The DOD blocked and traced 60,000 intrusion attempts on its unclassified networks in 2004, and wrestles with spam, illicit pornography and other common Internet threats. If left to fester the threats could hamper the massive defense agency, which relies on global, unclassified networks for critical business operations, said Lieutenant General Harry Raduege, director of the Defense Information Systems Agency.

Raduege was speaking at the Department of Defense Cyber Crime Conference in Palm Harbor, Florida, an annual gathering of some of the government's top IT, computer forensic and research and development talent.

The DOD is taking the threat to its networks seriously, as global information networks now play a crucial role supporting troops abroad, as well as critical logistics, financial, and medical information systems that the DOD relies on to support its employees and to communicate with suppliers in the U.S. and abroad, he said.

"The importance of reliable, accessible networks is growing as we move to a netcentric world," he said.

Larger, more open networks provide more opportunities for malicious hackers or terrorist groups to infiltrate those networks, stealing sensitive information or wreaking havoc on DOD operations, he said.

The DOD is drafting organization-wide policies to respond to a number of threats that are well known to many private sector network administrators, including peer to peer (P-to-P) file sharing applications, and vulnerable computer communications ports and protocols, he said.

The DOD is also working to develop a list of IP (Internet protocol) addresses for a "do not block list" so that critical DOD communications are not accidentally blocked by ISPs (Internet service providers) and other organizations, he said.

Networks that contain classified information are not connected to the public Internet and are not affected by the same threats that affect unclassified department networks, he said.

A reorganization approved by the Joint Chiefs of Staff in Nov. 2004, should make it easier for the government to coordinate its response to cyber threats and create more discipline on DOD networks by creating clear lines of command from the U.S. Secretary of Defense, to the DOD's Strategic Command, to the various branches of the military, Raduege said.

Asked whether the U.S. public should feel confident that the government is on top of cyber crime, Raduege said that the government's preparedness to deal with online threats had improved dramatically since the first "Solar Sunrise" exercise in the late 1990s.

"We're good. We're very good," he said.

With the theme of "Cyber crime: overcoming the challenges of new technology," the 4th annual DOD Cyber Crime Conference brought together 500 experts in technology, law and computer forensics to discuss ways to improve computer investigations, protect government networks from attack and coordinate the response to computer threats across the huge military and defense sectors.