Slashdot Mirror

← Back to Stories (view on slashdot.org)

DOD Kicks Up Cybersecurity Efforts

Posted by michael on from the wargames dept.

codingOgre writes "The US Army will try to secure an entire computer network against a team led by the NSA. They are cadets at West Point competing against military academies and other schools in a four-day Cyber Defense Exercise this week. I would have to think that this would be a lot of fun! I would like to see what the NSA and friends could throw at my network, although one would think they wouldn't reveal all their cards...like the backdoor into any Windows box :)" In a related story, jkinney3 writes: "The feds are wising up to the needs for a verifiable, secure code base for all of the DOD stuff, according to Government Computing News. A proposed solution 'would create a single executive organization responsible for software integrity and information assurance.' Joe Jarzombek, deputy director for software assurance in DOD's Information Assurance Directorate, said 'DOD possesses so many millions of lines of code in countless thousands of packages, that it would take years of effort and millions of dollars just to identify what was developed where.' I'm envisioning a lot of Bugzilla installations."

12 of 178 comments (clear)

  1. hacker wargames by quelrods · · Score: 4, Interesting

    It sounds like a CTF match, except via the government. I somehow doubt they'd publish packet dumps and such of the event, but that'd be even more interesting. Kudos to the nsa/dod for trying to ensure some of our vital infrastructure is secured from attack.

    --
    :(){ :|:&};:
  2. A single gov't entity responsible for infosec? by Anonymous Coward · · Score: 0, Interesting

    This will just make it easier for them to get the "secret" US backdoor into all software and have everyone consider it "trusted".

    Combine this with the the DMCA and the "Trustworthy Computing" Palladium BIOS and nobody that teh **AA doesn't want running systems will be able to run systems. This is truly a sad day for privacy and security. Our boxen our no longer ours.

    Those who would give up freedom for security deserve neither.
    -- Paul Revere

  3. Also, it doesn't say which OS by GillBates0 · · Score: 5, Interesting
    Will the network have UNIX or Windows based OS's? I would think the better idea is to use a mixture of OS/platforms to simulate a real-world network, but it should've been mentioned.

    It would also be interesting to see which OS allows the "red team" to infiltrate the network.

    --
    An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
    1. Re:Also, it doesn't say which OS by JimDabell · · Score: 4, Interesting

      Read the fine article--the Army team, at least, uses Linux

      I wonder if they'll be using the NSA's Linux against the NSA?

    2. Re:Also, it doesn't say which OS by agentZ · · Score: 5, Interesting

      I'm involved at the Navy side of this exercise.

      The requirements specify using Exchange, but otherwise we're free to use whatever operating systems we want. Obviously I can't say what we're using for operational security reasons, but let's just say that it's a heterogeneous environment.

  4. Shocking by thebra · · Score: 5, Interesting

    Army lost last year not because of a successful outside attack but from a self-inflicted wound in which an authorized network user accidentally knocked out service for several hours, costing precious points that helped Air Force prevail.
    Isn't this how most corporate networks are taken down? BTW, I can't access the intranet.

  5. haha by Anonymous Coward · · Score: 5, Interesting

    We get random netbios traffic from the DoD all the time... looks like something is not locked down over there. Either that or they are scanning other government agencies for open windows computers. hmmmm.

  6. Cyber Rattling by Doc+Ruby · · Score: 1, Interesting

    Now that they've got a disgruntled former employee, the CyberSecurity corps of Homeland Security will turn their eyes on all unpatriotic Americans who can get TV time. And the rest of us will drown in emailed PIF viruses.

    --

    --
    make install -not war

  7. NSAKey by shachart · · Score: 3, Interesting

    Hey, does anyone recall the NSAKey symbol that leaked on a debug version of a DLL in NT 4? (Was that GINA.DLL?) I wonder if it's still in there in later versions...

    --
    Those who can, do. Those who can't, consult.
  8. The first thing they should do is... by Anonymous Coward · · Score: 1, Interesting

    post a link to the webserver on /. that ought to be a good stress test.

  9. This is not new. by BeProf · · Score: 5, Interesting

    This has been going on each year for almost 10 years now. Each of the "official" military academies compete, and the best team wins the NSA Information Assurance Directorate Trophy. In the past Army, Navy, and Air Force have all done quite well, while Coast Guard has not.

    Contrary to popular belief, the NSA Red Team isn't allowed to use any of the NSA arsenal of dirty tricks. They are only allowed to use software that is freely available off the internet (NMAP, snort, etc.) running on commodity hardware. They can't do anything that violates Federal Law, (other than the intrusion attempts themselves), but social engineering is ok.

    Also, break-ins are not an automatic loss, per se. Nor is prevention of break-in an automatic win. The goal of the Red Team is DoS. For every minute a service remains down, the Red Team scores points. The cadet teams win points based on how quickly they detect and respond to the attacks. All judging is done by an NSA White Team.

    I'll see if I can find some more info and post it here.

    --
    You are attempting to read sigs. Cancel or Allow?
  10. Re:NSA's Secret Plan by STrinity · · Score: 3, Interesting

    It's funny but unfortunately true. My father does this for a living, and part of his job is dealing with ijits who send classified reports to their Hotmail accounts so they can work on them at home. (If you knew the ranks of some of the guys who do that, you'd be building a bomb shelter right now.)

    --
    Les Miserables Volume 1 now up with my reading of