KINGS BAY, Ga. (NNS) -- The Information Systems Department at Naval Submarine Base Kings Bay particpated in a cyber-warrior drill on April 29.
During the drill, the department received word of "attempted attacks" by cyber-warriors on the network security at the Southeast Georgia strategic submarine base during the past several weeks.
"I received word the Red Team is active again," said Bonnie Guinn, information assurance manager for Kings Bay. "They are a group of computer specialists from the Fleet Information War Center from Little Creek Amphibious Base, Virginia Beach, Virginia, who already tried to pass themselves off as skilled technicians needing to work on particular equipment. Kings Bay Sailors and Marines have been successfully challenging the Red Team members, however, if they are successful in gaining access to someone's computer, they may introduce a virus or hacking software."
The resurgence of the Red Team is linked to the January 2008 announcement by the Navy requiring the Navy and Marine Corp Intranet (NMCI) to implement a new Internet filtering system to enhance network security.
The new system uses preset criteria to automatically block access to Web sites and other Internet resources that pose a threat to security or are considered nonessential to a user's functions or mission.
"NMCI's job is to make the system more secure," said Guinn. "Many Web sites have the ability to gather personal information about the user. It is difficult to constantly keep up with the next malicious trick. It is much easier to blacklist those Internet sites altogether, especially since they are not mission essential."
"In March, NMCI deployed Websense content filtering across the NMCI Navy enclave," said Eddie Riley, NMCI public affairs officer. "Websense content filtering is an information assurance tool designed to inspect and block inbound Web traffic containing malicious code with little impact to the user. However, the user can request the unblocking of a site, based on operational requirements.
"Websense allows the Network Operational Commands to set a tailored blocking policy by content such as gambling, hate speech or adult content, rather than blocking specific sites or URLs only," he continued.
"This allows the network operators to block sites much more efficiently and outsources the fight against the growing amount of inappropriate content."
The NMCI blocking policy is determined by the operational commands such as the Naval Network Warfare Command, and enforced by the Global Network Operations Center in Norfolk. Blocked sites are redirected to a notification page which links to a page on NMCI's homeport Web site. Here, a user can submit a request that a site be unblocked in order to support mission requirements.
"In addition to implementing Websense, NMCI is upgrading existing servers with Bluecoat proxy servers," added Riley. "These new servers will provide better capacity and traffic management functions. Currently, a relatively small number of users account for half to three-quarters of NMCI's bandwidth usage, mostly attributed to streaming internet radio and video. The new servers will allow bandwidth usage monitoring, down to a command or user level."
According to NMCI, some benefits of Websense and Bluecoat include increased Internet security, real-time updates for high-risk threats, an improved Internet experience for warfighters, and improved bandwidth and Internet performance. However, these new upgrades are not a fool-proof way to maintain security, and every NMCI user should be vigilant in following Navy and DoD instructions when it comes to information assurance.
"Several phishing email attacks have been surfacing recently in an attempt to exploit the general public's anticipated receipt of IRS refund checks and the economic stimulus payment," said Guinn. "These type of emails reiterate why users need to pay attention to their information awareness training."
The news of Red Team presence and continued phishing attempts at NSB Kings Bay underline the importance of Information Assurance training for all NMCI users. This training demonstrates the various ways in which network security may be compromised and steps users should take to minimize that risk, including avoiding inappropriate network use.
The Information Assurance training may be accessed online at the Navy Knowledge Online Web site at https://wwwa.nko.navy.mil or through the NMCI Homeport Web site at http://homeport.
For more news from Naval Submarine Base Kings Bay, visit www.navy.mil/local/subasekb/.