Navy Intranet Breach Cost: $10 MillionNSA Director-Designee Michael Rogers Led Incident Response
Nearly a half-year after attackers - reportedly from Iran - breached the Navy Marine Corps Intranet, the Pentagon says it continues to work to fix network vulnerabilities. A Defense Department official says no data was stolen in the attack.
See Also: Rethinking Endpoint Security
DoD twice took down the massive, nonclassified network to make repairs and remove evidence of the intruders at a cost of some $10 million, the official tells Information Security Media Group.
"Within three weeks," the official says, "the full scope of the incident was known, and DoD had a plan under way to resolve the issue. There is no evidence of e-mail or communications being accessed or data being stolen."
The official says that although the intranet is now free of any evidence of the attackers, "efforts to patch other possible vulnerabilities in our networks continue."
The Wall Street Journal, citing DoD sources, says Iran was behind the breach. But the DoD official declines to say who infiltrated the network. The newspaper says it took about four months for the Navy to finally purge the attackers from its biggest, unclassified computer network.
Rogers Takes the Lead
The officer who led the response is Navy Vice Adm. Mike Rogers, the Navy cyber commander who's been tapped by President Obama to be the next director of the National Security Agency and the military cyber command (see Obama Taps Navy Admiral as NSA Director)).
Rogers is expected to be grilled about the incident by senators at his yet-to-be-scheduled confirmation hearing to be cyber commander, though specifics about the breach likely will be discussed at a closed session.
The Pentagon tried to put a positive spin on the breach. "It was a significant cyber-incident, but it was a success story in the way the department rallied, and Vice Adm. Mike Rogers in particular," the Pentagon official says. "He addressed the problem well and did a very good job handling DoD's response to this incident.
"What came out of the situation has been very positive. We learned a lot, we got better, and we've become more sophisticated in defending the department's networks."
Citing a senior U.S. official, the Wall Street Journal reports that although the details about the breach remain classified and murky, the penetration allowed the Iranians to conduct surveillance on the Navy's and Marine Corps' unclassified networks.
Second in size to the Internet itself, the Navy Marine Corps Intranet is the Navy Department's shore-based enterprise network in the continental United States and Hawaii. The intranet represents about 70 percent of all Navy Department IT operations, according to the department. The network has more than 700,000 users, 384,000 workstations and laptops at 3,000 locations. Each day, the network transports more than 3.4 terabytes of data and 124 million browser transactions.