By Wyatt Kash
As the number of potential assaults on military information technology
networks continues to escalate, so does the challenge of conducting
forensic and attribution analysis in order to respond appropriately,
said Col. Barry Hensley at the 2008 LandWarNet conference in Fort
Lauderdale, Fla., this week.
"There are 360 million scans or attempted scans [per day] across the
[Defense Department] network," said Hensley, director of the Army Global
Network Operations and Security Center. But those scans are merely part
of the noise that Army security specialists must deal with in analyzing
a variety of incidents and potential assaults on military networks.
The difficulty, he said, is recognizing when an incident, like the
accidental severing of undersea fiber optic cables in the Mediterranean
Sea last year, is a disruption, a cyber attack or something more than a
One step toward improving responsiveness is "to know your network,"
Hensley said. He noted that 90 percent of the Army's LandWarNet network
relies on undersea cable. But local land connections also present
vulnerabilities, he said. He cited an incident where a garbage truck
severed an overhead fiber cable knocking out service for the Army's
southern and northern continental command centers for nine hours.
Register now for HITBSecConf2008 - Malaysia! With
a new triple-track conference featuring 4 keynote
speakers and over 35 international experts, this
is the largest network security event in Asia and
the Middle East!