Navy reacts quickly to NMCI breach

The Navy has changed the passwords of all Navy-Marine Corps Intranet unclassified users as a precautionary measure following a recent portal breach.

The breach was traced to an abnormally configured legacy server that was attached to the NMCI unclassified network, according to Lt. Cmdr. Ron Steiner, a spokesman for the Naval Network Warfare Command (NETWARCOM) in Norfolk, Va.

That server was blocked and taken offline. The classified network was not affected, Steiner added.

Steiner said no personal or operational information was compromised during the intrusion. Also, the NMCI portal continued to run and didn't need to be taken down, he said.

The Global Network Operations Center in Norfolk detected the intrusion Oct. 20. Steiner declined to go into the specific time line of when the intrusion was blocked, but said, 'The security process worked fairly quickly.'

NETWARCOM is leading a forensic and technical investigation of the breach. The Naval Criminal Investigative Service is conducting a separate criminal investigation.

'We're looking at prevention and what processes might not have gone as they should,' Steiner said.

Featured

  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected