Deets said his concern, from a
risk perspective, is that the use of
social media sites via NMCI opens
the network up to potential attacks.
“We think it’s critically important
to embrace social media for a number
of reasons, but it’s hard to control
[usage] across the board,” he said,
noting that risk rises as the number
of users accessing such sites increase.
Lt. Cmdr. Ian Larsen, deputy
operations officer of Navy Cyber
Defense Operations Command, said
traffic through the closed network
runs the gamut, from Department of
Defense bill payments and air refueling tasks to troop movement plans
and education courses.
“It’s beyond human conception
to understand how much volume
of traffic goes through the network,” Larsen said in an interview
at his Norfolk office.
While websites dealing with
pornographic content, gambling and
malware, for example, are blocked,
major news and sporting events can bring a spike in the
number of users on the network. The network has never
crashed, but its capacity has been maxed out before,
which keeps users from being able to log in.
Websites also can be blocked because of ad threats.
For a majority of the day on April 16, 2010, NMCI
users who tried to view a Fox News web page received
the following message: “Access to this site has been
denied in accordance with Navy policy to safeguard
the security posture and/or to maintain the operational
integrity of the NMCI.”
This incident received national attention as various
media sites claimed NMCI was trying to block access
to the largely conservative site because of political
motivations. Larsen said it was simply a matter of the
Fox News homepage using an ad that was known to
carry malware attacks.
Malware consists of programming that allows abusive behavior, such as disrupting operation or gathering information on the user’s system, that could lead to
loss of privacy or exploitation.
Despite the extensive efforts to constantly monitor
the NMCI network, Larsen said it will never be completely secure.
“Network attacks are constantly changing,” he said.
NMCI is working to fortify an undisclosed number
of vulnerable areas in the network to make it more
secure, Larsen said.
Sailors assigned to Navy Cyber Defense Operations Command (NCDOC) in
Virginia Beach, Va., monitor U.S. Navy information systems and computer net-
works Aug. 4, 2010. NCDOC is responsible for around-the-clock protection of
the Navy’s computer networks, with more than 700,000 users worldwide.
“There is never enough money [for security],”
Cmdr. Dave Wirth, deputy global network operations
officer for NETWARCOM said in an interview at Cyber
Defense Operations Command. “There is not enough in
the budget [now] to [completely secure the network].
Deets said there is not a specific budget for
NETWARCOM, which is funded by the U.S. Navy
Fleet Cyber Command/10th Fleet and under IT in the
“It’s very difficult to say this is the Navy’s IT and network operations budget. It’s just the way it is,” he said.
One of the biggest improvements in network security has been the Navy’s ability to identify a threat early
and take care of it, said Deets. In the future, he expects
more advanced and persistent threats.
“We should be challenged by what lies ahead, because
it will be challenging. We should also be heartened by
how much further along we are today than we were just
a year or two or three years ago,” Deets said.
NMCI identifies attackers in three categories —
recreational ones, which are not affiliated with any
organization; “hacktivists,” which are those politically
motivated; and professionals.
“The professionals are the ones you have to be the
most scared [about] because their main job is to go
about their business being undetected, and sometimes
it could take awhile to notice you have been attacked,”
Larsen said. ■