By Josh Rogin
Dec. 19, 2006
For the second time in two months, a major Defense Department
educational institution has shut down its computer and e-mail systems.
The National Defense University, located in Washington, D.C., is
currently without Internet or e-mail while undergoing unspecified
NDU is no longer connected to DOD networks and staff and students will
be without service for two to four weeks, according to Dave Thomas, NDUs
director of public affairs. Thomas declined to comment on the reasons
for the maintenance and could not confirm or deny whether there had been
a recent network intrusion at NDU.
I wont acknowledge one way or the other security issues with the system,
The maintenance was scheduled to coincide with the schools semester
break, Thomas said. This is the first time computer maintenance has
required NDU systems to be offline for an extended period of time, he
The shutdown comes on the heels of a major network intrusion at the
Naval War College in Newport, R.I. In November, all computer systems at
NWC were taken offline after a hacker attack compromised the systems
security. According to reports, one NWC professor told his students that
Chinese hackers had taken down the entire network. DOD never confirmed
the origin of the attack at NWC.
On Dec. 15, all NDU employees received an e-mail alerting them that NDU
e-mail accounts would be inactive for up to one month, according to an
NDU employee who asked not to be identified. Meanwhile, staff members at
the institution are working from home and using personal e-mail
accounts, the employee said.
The previous NWC attack may have identified vulnerabilities in NDUs
system that are now being addressed, the employee said. After last
months attack, DOD raised its Information Condition awareness level from
Infocon5 to Infocon4, where it remains.
DODs Joint Task Force for Global Network Operations is helping NDU
employees perform the system maintenance, said Tim Madden, spokesman for
JTF-GNO. Madden said there was no direct connection between the incident
at NWC and the computer shutdown at NDU.
All computer systems and networks are probed and scanned countless times
each day, he said. To characterize any particular malicious intrusion as
connected to any other is similar to saying a traffic accident on I-495
in the National Capital Region is connected to a traffic accident on
I-405 in Southern California.
NWC houses the Strategic Studies Center, which has been tasked with
developing future strategies for fighting in cyberspace, as well as a
new center to study Chinese military and security issues. NDU includes
the Center for the Study of Chinese Military Affairs as part of its
Institute for National Security Studies (INSS).
Earlier this year, the Commerce Departments Bureau of Industry and
Security suffered a network attack that was confirmed to have originated
from Chinese servers. After that intrusion, the bureau was forced to
replace hundreds of computers. BIS determines technology export policies
to countries including China.
Subscribe to InfoSec News