Cyberattacks on DOD networks are rising fast
- By Gregory Slabodkin
- Nov 10, 1997
"We have evidence that our known network and computer-communications
vulnerabilities are being exploited by real-world attackers," Lt. Gen. Kenneth
Minihan, NSA's director, said at the Association of Former Intelligence Officers' annual
conference last month.
NSA is responsible for foreign signals collection and U.S. information systems
NSA's Information Systems Security Organization helps to assess the vulnerabilities of
communications and information systems and to design products and processes for
According to a General Accounting Office report released in May 1996 there were 559
attacks against DOD systems in 1995. GAO officials said they expect that number to climb
to 14,000 attacks by 1999.
But GAO found that DOD users report only a small fraction of systems attacks and the
number of annual attacks might be closer to 250,000.
When NSA monitored user access to a specific but unnamed DOD system, it detected 4,300
intrusion attempts during the first three months, Minihan said. But it's the cyberattacks
that go undetected that are the ones that worry the NSA chief most.
For instance, the Defense Information Systems Agency recently ran a test attack against
10,000 DOD computers that managed to draw only a handful of sporadic and apparently
unrelated detections, Minihan said.
Defense is ill-equipped to handle the emerging threat posed by information warfare, he
said, and that threat is expected to grow.
DOD is one of the world's biggest users of the global information superhighway, an easy
target because it knows no physical boundaries, Minihan said.
"Increasing connectivity to and through cyberspace increases our exposure to
traditional adversaries and a growing body of new ones," he said.
Defense faces a multitude of international cyberthreats including those generated by
terrorists, radical groups, narcotics traffickers, organized crime and adversarial
countries. The weapons include an array of network sniffers, malicious software and
sophisticated information attack tools that can supplement or replace traditional attacks,
In another case cited by Minihan, DOD network administrators stumbled onto what they
thought was a high school hacker. But when the system was monitored for access, it was
found that hackers from 14 different countries were attacking the system.
Minihan quantified the country's increasing reliance on information technology. Forty
years ago, for example, there were no fax machines, not one cellular phone and only 5,000
standalone computers, he said.
Today, there are 14 million fax machines, 40 million cellular phones and 1.3 million
LANs operating in the United States.
"We are leading the world into the information age. The public-switched network
plus the Internet comprise the most advanced telecommunications system in the world,"
But it also makes the United States the most dependent on computer networks and
therefore the most vulnerable to cyberattack, he said.
The United States controls 42 percent of the world's computing power and 60 percent of
its Internet resources, while China has 1 percent of the world's computing power and
Russia less than that, he said.
"We're setting a massive information infrastructure on a poor foundation of
security, and we will eventually pay for it," Minihan said.
A November 1996 Defense Science Board Task Force on Information Warfare-Defense
concluded that DOD needs to take extraordinary action to prevent a national disaster.
The task force recommended that DOD spend $3 billion over the next five years to
improve the nation's telecommunications and information infrastructure. This call has gone
unheeded by Congress and DOD brass.