Navy systems management 'alarming'

Intrusions into Navy unclassified networks are increasing, and officials are blaming poor systems management and the availability of Web-based hacking tools.

In fiscal 2001, there have been 125 successful intrusions into Navy unclassified networks, up from 117 in 1999 and 89 in 2000, said Scott Henderson, the Navy Marine Corps Intranet information assurance division head at the Space and Naval Warfare Systems Command in San Diego. He spoke June 26 at an NMCI press conference.

If systems administrators had downloaded updates to the antivirus products that the Navy uses, many of the intrusions would have been stopped, said Henderson, who called this poor systems management "alarming."

The good news for the Navy, according to Henderson, is that the service's participation in the $6.9 billion NMCI outsourcing procurement with Electronic Data Systems Corp. should eliminate the sloppy systems administration. EDS will be paid or penalized $10 million per year for meeting or failing to meet information assurance-related service level agreements, he said.

He also said that the Navy's connections to the Non-Classified IP Router Network will decrease from about 100 to six under NMCI. The only connections to the NIPRNet will come through the six network operations centers that EDS will staff with the Marine Corps and the Navy, he said.