DISA official: Users should be accountable for security
DISA official: Users should be accountable for security
By Dawn S. Onley
GCN Staff
APRIL 25—Military personnel who fail to follow protocol in protecting Defense Department systems from intrusion should be held accountable for threatening the entire network, a Defense official said yesterday.
Maj. Gen. Dave Bryan, vice commander of Defense Information Systems Agency, spoke at the Jointable C4ISR Technology Symposium sponsored by the San Diego chapter of the Armed Forces Communications and Electronics Association.
Bryan said that out of 25,000 categorized attempts last year to hack into Defense systems, 245 were successful—and officials found that 96 percent of successful attacks could have been prevented if users had followed protocols.
"If you cut corners, you've been had, and when you've been had, we've all been had," Bryan said. "Your vulnerability makes everyone vulnerable. You ought to be held accountable for it."
Bryan called on systems administrators to begin using point-and-click hacker tools to test password files to ensure that military officers aren't making it too easy for intruders.
On April 2, Bryan was named commander of the Joint Taskforce for Computer Network Operations, a new mission that oversees Computer Network Attack and Computer Network Defense. CNO, aimed at warding off a new level of service attacks that target transport systems, will eventually grow to 144 people and include law enforcement and intelligence agents, Bryan said.