NSA officer: Defense systems are at risk from internal threat
- By Gregory Slabodkin
- Feb 08, 1999
Defense Department personnel pose a greater potential threat to DODs information
systems than hackers on the outside, a senior National Security Agency official said
For many years, we pursued a strategy of isolating our sensitive information
systems from outsiders by using strongly encrypted and isolated communications
networks, said Michael Jacobs, NSAs deputy director of information systems
These measures, while fairly effective against the outsider threat, did little to
protect against accidental or malicious threats from insiders, Jacobs said at the
MILCOM 98 conference in Bedford, Mass.
DOD has hundreds of thousands of computer users with access to classified Defense
networks, Jacobs said. The department must limit individual access to information domains,
A recent DOD report underscored the seriousness of the insider threat and recommended a
series of technical and nontechnical countermeasures, he said.
The widespread implementation of access control methods, such as a robust, scalable and
interoperable public key infrastructure, will help deter and protect against unauthorized
actions, Jacobs said.
DODs technical strategy for information assurance, called defense in-depth, is a
series of layered defense levels that act as multiple roadblocks between sensitive Defense
information systems and internal and external hackers, Jacobs said.
If youve been in the security business for a long time, you recognize that
the concept of defense in-depth is not new, the deputy director said.
For years, security practitioners, especially in the physical security arena,
have learned that no single defensive measure can adequately protect vital assets,
Perimeter defensive measures, such as fences, guards and surveillance cameras, must be
augmented with internal security controls, such as locks on the doors to rooms and
cabinets, and use of personnel badges and sign-in sheets, Jacobs said.
DOD must launch initiatives to detect, protect and respond to IS security in a number
critical areas, including WANs, boundary points between WANs and LANs, hosts, servers,
networking applications and operating systems used within DODs LANs, Jacobs said.
Defense has two major concerns with regard to WANs: denial of service attacks that
could interfere with communications prior to or during an operational deployment, and the
confidentiality of DOD classified and sensitive information, he said.
To ensure that information remains confidential, DOD must employ network encryption
technology, firewalls, remote access solutions, virus scanners, and intrusion-detection
capabilities, Jacobs said.