Navy makes quick catch of NMCI breach
The Navy last month quickly caught and blocked a breach of the Navy-Marine Corps Intranet, and has changed the passwords of all unclassified users as a precautionary measure. No personal or operational information was compromised during the intrusion, said Lt. Cmdr. Ron Steiner, a spokesman for the Naval Network Warfare Command in Norfolk, Va.
The breach was traced to an abnormally configured legacy server attached to the NMCI unclassified network, Steiner said.
That server was blocked and taken offline. The classified network was not affected, Steiner added, and the portal continued to run.
The Global Network Operations Center in Norfolk detected the intrusion Oct. 20. Steiner declined to go into when the intrusion was blocked but said, 'The security process worked fairly quickly.'Army RFP for $4 billion infrastructure program
The Army has released a request for proposals for its multiyear, $4 billion Infrastructure Modernization program.
IMOD will update the fiber-optic cable and wireless communications lines at major Army bases and installations. The RFP fell behind schedule earlier this year due to priority changes, officials said previously.
Through IMOD, the Army will award up to eight contracts, including several for small businesses. The acquisition will replace the Digital Switched Systems Modernization Program contracts, which expire in June 2007.
DSSMP supplies telecommunications supplies and support to government and military agencies around the world, including switching and networking technologies, installation, and support services and logistics.
The Army expects to award the IMOD contracts next spring.Hacker charged with 'botnet' attack on DOD systems
A California man has been charged with breaching computer security at Defense Department installations and profiting from creating a so-called 'botnet''a network of computers used to launch viruses or send out huge amounts of junk e-mail, federal prosecutors said.
A 17-count indictment earlier this month charged James Ancheta, 20, of Downey, Calif., with writing malicious computer code that was spread to armies of infected computers. Access to this botnet was then sold to others for the purpose of distributing denial-of-service attacks and sending junk e-mail.
'The good news is he did not breach the network for obtaining proprietary information,' said James Aquilina, assistant U.S. attorney for cyber and intellectual property crimes. 'The concern is that he would be able to do it' if he wanted to, Aquilina added. 'That's the scary part.'
The indictment alleges Ancheta tapped into computer systems at the Weapons Division of the U.S. Naval Air Warfare Center in China Lake, Calif., as well as computers owned by the Defense Information Systems Agency.
Ancheta allegedly modified a known code for the botnet that, once past the systems' firewalls, got stronger and affected other computers, Aquilina said.
Aquilina could not disclose the level of damage to the federal systems and added that the Defense Department was 'instrumental in helping to identify the breach.'
DOD's networks 'are very strong,' he said, but 'no system is impervious [to attack].'