‘If There’s a Wire,
There’s a Way’
Navy officials try to shore up security
for a network that is always under attack
By JOHN C. MARCARIO, Assistant Editor
Network Security
NMCI has four network operations centers — in San Diego,
Norfolk and Quantico, Va., and
Pearl Harbor, Hawaii — where
operators battle potential threats
daily from malware, social media
sites and various attackers trying
to find their way in.
Deets said the sophistication of
the threat has evolved, but the
savvy of the network’s users has
not grown apace.
Sailors entering the service today
are digitally adept, Deets said, but
getting them to understand the vulnerability introduced to the network by using sites such
as Facebook and You Tube can present challenges.
NMCI first allowed users to access social media sites
in summer 2010.
During a June 6 speech at the Institute for Public
Relations’ Strategic Communication Summit, then-Chief of Naval Operations Adm. Gary Roughead said
the Navy made the decision to engage in social media
sites when leaders recognized that, whether they participated or not, there was going to be an ongoing conversation about the Navy and they did not want to be
absent from that conversation.
“Several communities in our Navy, such as our
lawyers and our logistics experts, benefit greatly from
having junior officers maintain Facebook pages and
official blogs for their peers and those considering a
career in the Navy,” said Roughead, who retired in
September. “By doing so, these communities are better
able to support and mentor their entry-level personnel
and, over time, even address some of their attrition and
retention challenges.
“And that’s not just a function of social media. It is
an approach, not a technology. It is a benefit of transparency that for far too long has gone largely unrecognized,” he said.
Protecting the Navy-Marine Corps Intranet (NMCI) from internal
and external threats requires constant vigilance.
■ NMCI has 750,000 daily users.
■ In 2010, NMCI users were allowed to access social media sites
through the network for the first time, ushering in a new set of
security challenges.
■ One official said there is not enough funding to keep the network completely secure.
Keeping the Navy-Marine Corps Intranet (NMCI) secure is a daily struggle made more difficult, at
times, by internal threats to the network.
“Historically, unfortunately, user behavior is what gets
us into trouble most of the time. … If there’s a wire, there’s
a way, and the simple, casual plugging in of an unauthorized Universal Serial Bus device, like an iPhone, into the
side of a computer is what we are talking about. Because
with that comes a great potential for malware [malicious
software] and other things to be downloaded to our systems,” said Rear. Adm. Edward Deets III, commander,
Naval Network Warfare Command (NETWARCOM).
NMCI users, all 750,000 of them, send an average of
100 million e-mail messages per month. The network
also has 124 million browser transactions per day. Each
month, NMCI has the capability to block 9 million spam
messages and detects an average of 60 new viruses.
The original NMCI contract with Electronic Data
Systems — now Hewlett Packard (HP) — was signed
in 2000 and the move consolidated some 6,000 networks into a single, secure information technology
(IT) environment. That contract ended in 2010 and a
Continuity of Services Contract was signed with HP
that now has the network owned by the government
and supported by the contractor.
