NSA officer: Defense systems are at risk from internal threat

Defense Department personnel pose a greater potential threat to DOD’s information
systems than hackers on the outside, a senior National Security Agency official said
recently.


“For many years, we pursued a strategy of isolating our sensitive information
systems from outsiders by using strongly encrypted and isolated communications
networks,” said Michael Jacobs, NSA’s deputy director of information systems
security.


“These measures, while fairly effective against the outsider threat, did little to
protect against accidental or malicious threats from insiders,” Jacobs said at the
MILCOM ’98 conference in Bedford, Mass.


DOD has hundreds of thousands of computer users with access to classified Defense
networks, Jacobs said. The department must limit individual access to information domains,
he said.


A recent DOD report underscored the seriousness of the insider threat and recommended a
series of technical and nontechnical countermeasures, he said.


The widespread implementation of access control methods, such as a robust, scalable and
interoperable public key infrastructure, will help deter and protect against unauthorized
actions, Jacobs said.


DOD’s technical strategy for information assurance, called defense in-depth, is a
series of layered defense levels that act as multiple roadblocks between sensitive Defense
information systems and internal and external hackers, Jacobs said.


“If you’ve been in the security business for a long time, you recognize that
the concept of defense in-depth is not new,” the deputy director said.


“For years, security practitioners, especially in the physical security arena,
have learned that no single defensive measure can adequately protect vital assets,”
he said.


Perimeter defensive measures, such as fences, guards and surveillance cameras, must be
augmented with internal security controls, such as locks on the doors to rooms and
cabinets, and use of personnel badges and sign-in sheets, Jacobs said.


DOD must launch initiatives to detect, protect and respond to IS security in a number of
critical areas, including WANs, boundary points between WANs and LANs, hosts, servers,
networking applications and operating systems used within DOD’s LANs, Jacobs said.


Defense has two major concerns with regard to WANs: denial of service attacks that
could interfere with communications prior to or during an operational deployment, and the
confidentiality of DOD classified and sensitive information, he said.


To ensure that information remains confidential, DOD must employ network encryption
technology, firewalls, remote access solutions, virus scanners, and intrusion-detection
capabilities, Jacobs said. 


