Expert: Even routine work poses cyber threat - Air Force News | News from Afghanistan & Iraq - Air Force Times

Expert: Even routine work poses cyber threat

Simply doing business in today’s online world puts sensitive Air Force information at risk of cyber attacks, despite the service’s aggressive efforts to protect it, security experts say.

Questions about the vulnerability of Defense Department data came up in April after The Wall Street Journal reported that cyber spies during the past two years stole reams of data about the F-35 Joint Strike Fighter program, which the Air Force leads.

“The fact is, if you’re attached to the World Wide Web you’re vulnerable in some way,” said Peter Brookes, a cyber and national security expert at the Heritage Foundation, a think tank based in Washington.

“It’s a cyber cat-and-mouse game that is extremely dynamic,” Brookes said. “Staying one … step ahead of your opponent — that’s the real challenge.”

The military’s most secret data are stored on SIPRNet, the Secret Internet Protocol Router Network, or other even more highly classified networks not connected to the Web. Still, much valuable but unclassified information is kept on unclassified systems such as NIPRNet, the Non-Secure Internet Protocol Router Network, which is connected to the Internet.

“There are sensitive matters that are conducted on unclassified networks that if accessed could be inimical to U.S. interests,” Brookes said. “There is information that may not be considered classified in the official sense but is still [so] sensitive that we wouldn’t want people outside these organizations to have privy to.”

Unclassified information includes everything from medical records to maps of bases and logistics information, said Tom Conway, director of federal business development for the cyber security company McAfee.

“You could find a lot of information, and it’s sort of like building a puzzle,” Conway said. “You get a piece here and a piece there and a piece there. And gradually … you can see what the picture is.”

The huge number and many types of users who connect to NIPRNet make it difficult to secure, he said.

“If I’m a small agency out there … and I’m tied into dot-mil, if I screw up and leave the [cyber] door open, not only have they got into me, they’ve got into the back door of the entire DoD,” Conway said. “The challenge of the military is … it’s huge, like 15,000 separate networks in hundreds of countries, with 7 million end points. By far it’s the largest enterprise in the world.”

Cyber attackers also can use the computer systems of government contractors to indirectly infiltrate the Defense Department network, Conway said. It appears this is how the JSF program was breached.

Once they infiltrate an unclassified system, hackers might use that access to get into classified systems, he said. Military agencies sometimes move information from an unclassified network to a classified network, and software inserted by hackers can inadvertently be moved with it.

Protecting information is an all-consuming task for the Air Force, which uses a layered approach to cyber security, said Brig. Gen. Mark Schissler, the Air Force’s director for cyber operations at the Pentagon. The Defense Department’s Global Network Operations Center provides perimeter security, and individual bases further protect their own networks, he said.

When a portion of the network is compromised, it is taken offline and isolated from other computers until the breach can be fixed, he said.

“The Air Force aggressively responds to deter all intrusions and to defend its portion” of the global information grid, Schissler said in an e-mail. “While military computers are not immune, there is a layered defense in place that is routinely validated and enhanced.”

The Air Force Personnel Center uses several methods to protect airmen’s data, including computer chip smart cards for access, network firewalls for control of users, encryption of all data transmissions and intrusion detection products that monitor system transactions and operations, according to Joe Gallahan, AFPC’s systems operations division chief.

But former Air Force Secretary Michael Wynne, who during his time in office was a leading voice on military cyber security, said the Pentagon must do more to combat the problem.

“We’re in such a state of denial,” he said. “It almost has this feel that if we don’t say much about it, it will go away on its own. Well, it’s not.

“Once you admit you’re getting hit … it becomes a little more public, and you get a little more support and funding and then they’re on their way to a corrective action.”