Navy reacts quickly to NMCI breach
- By Dawn S. Onley
- Nov 08, 2005
The Navy has changed the passwords of all Navy-Marine Corps Intranet unclassified users as a precautionary measure following a recent portal breach.
The breach was traced to an abnormally configured legacy server that was attached to the NMCI unclassified network, according to Lt. Cmdr. Ron Steiner, a spokesman for the Naval Network Warfare Command (NETWARCOM) in Norfolk, Va.
That server was blocked and taken offline. The classified network was not affected, Steiner added.
Steiner said no personal or operational information was compromised during the intrusion. Also, the NMCI portal continued to run and didn't need to be taken down, he said.
The Global Network Operations Center in Norfolk detected the intrusion Oct. 20. Steiner declined to go into the specific time line of when the intrusion was blocked, but said, 'The security process worked fairly quickly.'
NETWARCOM is leading a forensic and technical investigation of the breach. The Naval Criminal Investigative Service is conducting a separate criminal investigation.
'We're looking at prevention and what processes might not have gone as they should,' Steiner said.