Information System Security and the US Military Ben Mascolo – ISC 300

Post on 21-Dec-2015



Terms and Acronyms used

AKO – Army Knowledge Online

AR – Army Regulation

CAC – Common Access Card

DKO – Defense Knowledge Online

DOD – Department of Defense

IED – Improvised Explosive Device

PIN – Personal Identification Number

TFTP – Trivial File Transfer Program

UFO – Unidentified Flying Object

WAN – Wide Area Network

PLA – People's Liberation Army of China

Introduction

Security measures currently held by the US military for its information systems are not enough and need to be improved.


The gathering of intelligence is key in military and paramilitary operations

The US Military has consolidated all personal, movement, and intelligence information into a series of inter-connected WANs called DKO.

This is a relevant issue because enemies of the US no longer have to conduct reconnaissance, if they can penetrate these information systems.

Case 1 of Attack on US Military

April of 1990

Dutch teenagers

Stole troop movement information and attempted to sell it to the Iraqi government

Not a direct exploit of the information system


Attacked the information system in 3 ways:

Dictionary attack to guess passwords

Used loopholes in the operating system

Broke into civilian contractors with access to military systems


The military found out about the attack via Dutch television when the teens publicly broadcast another attack

Case 2 of Attack on US Military

British attacker

40 years old

Looked for accounts with no passwords

Simply logged in

Left notes on desktops of users telling them to create a password

Deleted security records


Cost a total of $700,000 in damages

Was discovered by system administrators after they noted many logins from outside the country

Case 3 of Attack on the US Military

Conducted by the PLA

Specifically attacked Defense Secretary Gates

The PLA consistently attacks the US Military

The strategy for penetration is different than the two previous groups


PLA created a Trojan virus

This type of virus works by having a user authorize the install

The user does this because the virus has another seemingly useful virus


The virus exploited a well-known security loophole.

The virus dwelled in the system for 8 months before it was found.

Current Security Measures

Two types:

Software security

Physical security

Current Software Security Measures

Passwords – 2 upper case, 2 lower case, 2 numbers, 2 special characters, must be changed every three months

Must log in with CAC in order to change password

Authorization rules – certain people are allowed access to certain aspects of information

Encryption
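
Added example, not part of the original presentation: a short audit that checks account records for the two password problems the slides raise, accounts with no password (Case 2) and passwords not changed within three months. The /etc/shadow-style record layout, the 90-day reading of "three months", the sample records and the audit date are all constructed assumptions.

```python
# Added example: audit shadow-style account records against two points from
# the slides. Record layout, sample data and audit date are constructed.
from datetime import date

MAX_AGE_DAYS = 90  # assumption: "every three months" read as 90 days

# Constructed sample in /etc/shadow layout: name:hash:last_change_day:...
# last_change_day counts days since 1970-01-01; hashes are placeholders.
SAMPLE = """\
alice:$6$salt$placeholderhash:14100:0:90:7:::
bob::14190:0:90:7:::
carol:$6$salt$placeholderhash:14195:0:90:7:::
svc_backup:!:14000:0:99999:7:::
dave:$6$salt$placeholderhash::0:90:7:::
"""

def audit(text, today):
    """Return {account: [findings]} for accounts that need attention."""
    today_days = (today - date(1970, 1, 1)).days
    findings = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) < 3:
            continue  # malformed record: skip rather than guess
        name, pw_hash, last_change = fields[0], fields[1], fields[2]
        if pw_hash.startswith(("!", "*")):
            continue  # locked account: password login is not possible
        issues = []
        if pw_hash == "":
            issues.append("empty password")  # the Case 2 weakness
        if last_change == "":
            issues.append("no change date recorded")
        elif today_days - int(last_change) > MAX_AGE_DAYS:
            issues.append("password older than %d days" % MAX_AGE_DAYS)
        if issues:
            findings[name] = issues
    return findings

if __name__ == "__main__":
    # Constructed audit date for the sample above.
    for account, issues in audit(SAMPLE, date(2008, 11, 17)).items():
        print(account, "->", ", ".join(issues))
```
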

Current Physical Security Measures

CAC ID card – All personnel have a smart card to access military computers

Fingerprint ID – Some access requires Fingerprint authentication

Separate computers for separate purposes – only certain computers are allowed to access sensitive information

Newest security measures

As of 17 NOV 2008 all USB storage devices have been banned

Security Measures Needed

Fingerprint authentication for access to any military computer on top of current security measures

Long term effects

Forces the enemy to conduct traditional reconnaissance and expose themselves

They won't be able to easily know routes taken by convoys

Reduces ease of placement of IED

Final Thought

Security measures in information systems in the US military are strong, but not currently strong enough.

These information systems track all information including movement, personal information and military secrets.