Donahue: Air Force is damaging its own nets

MONTGOMERY, Ala.—Hackers might be cybertroublemakers, but the Air Force ought to
look within to pinpoint the most persistent threat to its networks, Lt. Gen. William
Donahue said last week.

The damage done to Air Force networks by hackers and crackers is next to nothing
compared with the internal destruction perpetrated by service personnel, the director of
communications and information said at the Air Force Information Technology Conference.

“Someone who highlights the global address list and sends a multimegabit file to
everybody” or misconfigures routers and servers does more harm to Air Force networks
than any external threat, Donahue said.

Optimizing Air Force network operations is a major servicewide initiative, he said.

The Air Force must become more professional with its network operations if the service
is to ensure that its systems are efficient and secure, Donahue said.

“It’s our job to assure our customers that we will be there with the right
information at the right time, wherever they operate,” he said. “You can have a
poorly engineered and run system that causes you just as many problems as one compromised
by a hacker.”

The Air Force needs to administer its networks the same way it administers weapons
systems, he said. For weapons systems, program managers follow standard procedures for
configuring and operating systems, Donahue said.

The service cannot continue to maintain “hobby shop” network operations, he

“We cannot have program managers using system features to tweak out a few more
ounces of performance while at the same time opening up these gaping holes for hackers to
do us harm,” Donahue said.

From here on out, the Air Force will rigorously enforce rules for systems
configuration, Donahue said. No longer can systems administrators act recklessly,
weakening the security and robustness of Air Force networks, he said.

“We’ve got a long way to go to be as good as we’ve got to be in this
area,” Donahue said. “We’ve got to train our people. We were flunking

To remedy the problem, the Air Force has begun a servicewide formal training
initiative. The program will run at Keesler Air Force Base, Miss.

The curriculum will include basic computer programming courses designed to certify Air
Force personnel for accreditation in Microsoft Corp., Novell Inc. and Oracle Corp.

Air Force networks have a three-tiered organization with base network control centers
as the foundation, Donahue said.

But some service personnel are undermining that hierarchy, he said.

“A lot of people are saying, ‘My network is special, I’m unique, and I
do not need to run my system behind the base network control center,’ ” Donahue
said. “Baloney! If you’re on a base and you run a network, it runs behind the
network control center. Failure to comply is going to be a painful process.”

The Air Force is also establishing network operations security centers at major
commands to coordinate information security on a regional level, Donahue said.  

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.