Slashdot Mirror


DoD Networks Completely Compromised, Experts Say

AZA43 writes "A group of U.S. federal cybersecurity experts recently said the Defense Department's network is totally compromised by foreign spies. The experts suggest the agency simply accept that its networks are compromised and will probably remain that way, then come up with a way to protect data on infected machines and networks."

4 of 164 comments

  1. Re:cut the wire by HBI · Score: 5, Informative

    There are physically isolated networks.

    They are referring to the NIPRnet which is directly connected to the rest of the internet. NIPR is all about web apps - time trackers and such, and e-mail. The actual secure stuff has an air gap.

    This is mostly hyperbole. These people who are testifying don't know jack shit about technology, and neither do the people who are listening to them.

    --
    HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
  2. Re:cut the wire by Kadin2048 · Score: 5, Informative

    Or set up a separate ARPA-owned network that no one can access except DOD employees.

    This exists, it's called the SIPRnet. You can only access it from secure workstations in secure facilities, and in theory all the network hardware is also secure, etc., etc.

    AFAIK, the only recent SIPRnet compromise was Bradley Manning, and that was more of a social exploit than a technical one.

    --
    "Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
  3. Re:or it is used as a tool by Beardo the Bearded · Score: 5, Informative

    They don't.

    I work with a lot of military documents. I've got some in the other windows right now. 99.9% of military documents are not important, security-wise. Sure, you can find out what kind of cable is used to plug in that receptacle. It's not important. It's not Classified. Nobody gives a shit.

    The Classified stuff, should I ever even look at any of it, is really quite a different type of animal. Here's how I'd handle it:
    1. Make sure it had to be me since they're a PITA.
    2. Our document control folks would burn a copy and FedEx to me.
    3. It would be sent to the Secure Room once it arrives.
    4. When I went to work on it, I'd get a supervisor, sign in to the secure room, and pull out the removable HDD from the vault.
    5. Check the Secure Machine for oddities, like anything in the USB ports or the sudden appearance of an Ethernet port. Seriously, there isn't even a phone jack in the room.
    6. Boot the Secure Machine. Yes, it is Win XP. While it's booting, draw the blinds and close the door.
    7. Work on the Classified document.
    8. Once I'm done, I can burn a disk to send back and have it printed by the document control group. Then I power down, put the HDD in the vault, and then sign out.

    Seriously, the important stuff is airgapped. The really important stuff is airgapped and guarded by people with weapons.

    --
    ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
  4. Re:cut the wire by Anonymous Coward · Score: 5, Informative

    Little anecdotal story from my time in the military (can't speak to the policies of all the 3-letter agencies). USMC had (has) a very VERY strict policy about crossing the streams.

    There are "normal" computers that access the internet and whatnot, and other computers which exist on a completely separate self-contained network. And never the two shall meet. At all.

    For the most part, the secure computers were in a completely different building, or at the very least in a different room behind lock and key. If someone was important enough to warrant access to the secure networks in their office (usually restricted to O-5 at bare minimum), the ports for the secure side were emblazoned in bright red and stuffed behind lock-boxes, so there was no possible way to confuse the two. Oh, and the office itself had to be secured. Certain quality of lock on the door, no windows, etc.

    Any computers that became part of the secure networks were part of that network for LIFE. When replacement time came, the secure computers had their HDDs wiped via electromagnets and then holes drilled through the platters.

    Even non-computers had to live by a one-way pathing. If you plugged a monitor into a secure computer, that is now a secure monitor and CANNOT leave the secure area. Fax machines, copy machines, etc., etc., etc. Anything that interfaced with ANY secure data was locked down.

    Suffice to say, there was no crossing the streams, and no matter how infected or compromised the "normal" networks were... there was practically zero chance of any info getting out of the "air gapped" secure networks.