PDA

View Full Version : Security breach



thedrifter
11-22-05, 12:51 PM
Security breach
Official: Classified data secure despite NCMI server hack

Nearly 550,000 Navy and Marine Corps Intranet users have gotten orders to change their passwords following an unauthorized Oct. 20 intrusion. That’s right. NMCI got hacked.

“No personal or operational data was compromised in the intrusion,” said Lt. Cmdr. Ron Steiner, spokesman for the Naval Network Warfare Command in Norfolk, Va. “Changing passwords is just a normal, prudent step when you have an intrusion.”

Steiner could not comment on the break-in location.

As Navy networks transition to the NMCI system, Steiner said, older servers are routinely kept on local area networks for a period of time to allow file transfers. If not configured correctly, however, the older servers can weaken the system’s security, he said.

That appears to be the case with the recent hacking, Steiner said. He downplayed the effect, likening it to a thief trying to break into a home through a partially unlocked gate.

“They may have gotten into the yard but not into the house,” he said.

Steiner said the intrusion was in the unclassified area of NMCI and did not endanger classified information; however, had the hackers been able to get further into the system, the breach could have compromised sensitive personnel and command information.

Steiner said the Naval Criminal Investigative Service is investigating the break-in as a criminal case.

NMCI was designed to give the Navy and Marine Corps a shared, highly secure computer system for voice, data and video.

More than half a million people use the 340,000 computers on the NMCI network, and a majority of those users already have changed their passwords, Steiner said.

Still, he added, if sailors have questions or need help to determine whether they must change their password, they can check with their command’s network administrator or NMCI coordinator.