Navy command engages in info warfare campaign.
The team, known as NAVCIRT, is part of the Naval Network Warfare Command, stood up in July 2002 at Naval Amphibious Base Little Creek, Va., in part to prevent and respond quickly to threats such as this.
"We get probes several times a day," Huffman said. "It's mostly just hackers seeing how far they can get."
The probes are nuisances, but they aren't illegal, and they don't do any real damage, said NAVCIRT officer Lt. Cmdr. Mark Rollins. "It's not illegal for a stranger to check your front door to see if it's locked," he explained. "But if he tries to go in, then he's breaking the law."
Unlike probes, viruses and worms can inflict serious harm on computer networks, he said. A virus is an intrusive program that infects computer files by inserting into those files copies of itself. A worm is a kind of virus that spreads on its own throughout networks, consuming memory or bandwidth and weakening computing power.
This summer, for example, the Navy Marine Corps Intranet was infiltrated by the Welchia worm, which disrupted operations of about two thirds of the 100,000 or so computers in the NMCI system. (related story p. 42) The Welchia worm is described as a "Good Samaritan" virus. Rather than corrupting or deleting individual files, Welchia checks a computer for the Blaster virus that hit the lnternet in August. Then, it tries to check all of the other computers in the domain, disrupting normal wide-area network activity.
It took about two days to clear the worm from the system, said Vice Adm. Richard W. Mayo, head of the command, known as NETWARCOM.
"I think that's a big endorsement for NMCI," he told National Defense. "If we didn't have a coherent network like that, we'd still be clearing that worm out of our computers today."
NETWARCOM's mandate is a broad one, Mayo said. The command is the equivalent to the organizations that oversee the Navy's surface, undersea and air warfare activities, he said. Mayo reports directly to the head of U.S. Fleet Forces Command, at Norfolk, Va.
NETWARCOM, Mayo explained, is the Navy's central authority for network and information operations in support of naval forces afloat and ashore. Its responsibilities include:
* Operation of a secure and interoperable naval network.
* Coordination and assessment of the Navy's operational and technological requirements for information and space.
* Acting as the fleet's advocate for the development and fielding of resources to meet those needs.
* Serving as the Navy's part of the U.S. Strategic Command, which is responsible for early warning of and defense against missile and long-range conventional attacks.
NETWARCOM includes three shore activities under its authority--the Naval Network and Space Operations Command at Dahlgren, Va.; the Fleet Information Warfare Center at Little Creek, and the Naval Component Task Force for Computer Network Defense in Washington, D.C. The entire organization has 6,853 officers, enlisted personnel and civilians worldwide.
The Naval Network and Space Operations Command is itself a new entity. It was established at the same time as NEWARCOM with the merger of elements of the Naval Space Command in Dahlgren and the Naval Network Operations Command in Washington.
Initially, after its creation, NNSOC focused on providing naval space and network support for the operations in Afghanistan and Iraq. The command's regional Naval Computer and Telecommunications Area Master Stations increased bandwidth services. In some cases, the number of fleet units supported with classified and unclassified network services and tactical satellite voice communications were doubled.
The job was a major one, Mayo said. The coalition fleet participating in the Iraqi operation included more than 100 U.S. ships and 50 vessels from more than 17 nations.
During the weeks that led to the beginning of operations in lraq, NCFAMS transmitted from 60,000 to 90,000 messages daily, more than double normal operations. The NNSOC's Remote Earth Sensing Information Center provided more than 250 image maps and digital data products on Iraqi airfields, port cities and waterways to support Marine air operations, route planning and minesweeping activities.
Other existing Navy activities are taking on additional roles in support of NETWARCOM. For example, the Space and Naval Warfare Systems Command, in San Diego, is helping out in matters related to fleet support, and the head of the Naval Security Group Command, at Fort Meade, Md., serves as the command's director of information operations.
The information operations role is an important one, Mayo said. "Information operations is the ability to use information to your advantage and to deny it to an enemy," he explained. "You want free and rapid flow of information among your forces, but not among the other guys."
The Navy's information operations (IO) include computer network defense, electronic warfare, psychological operations, military deception and operational security. The Fleet Information Warfare Center, founded in 1995, provides highly trained IO teams to fleet staffs and naval units. It also develops IO doctrine and tactics, and pioneers computer network defense and electronic warfare concepts throughout the Navy.
One of the center's operation, NAVCIRT, runs 24 hours a day, seven days a week, with a staff of seven oil each watch, looking for suspicious intrusions into naval electronic communications. The team works in an anonymous, windowless room, with an unmarked, locked door, which opens only with the correct code. Inside the room are rows of powerful, highly classified computers, carefully monitored by members of the team.
"We watch for cyber attacks, scans, probes--anything unusual," said Rollins. "Our incident handlers work with commands that are targeted. We assist them in blocking the intrusion and tracking down the source."
The Welchia incident, for example, is still under investigation, Mayo said. "We want to see how it happened and prevent it from happening again," he said. "It could have come in electronically. It could have come in a disk that somebody brought from home. We'll get to the bottom of it."
The Welchia infection is the first successful cyber attack that the Navy has suffered since NETWARCOM was established, he said.
"We have pretty good visibility into these attacks," Mayo said. "And we have a pretty good read into evading them."
In addition to defensive tactics, the command also goes on the attack, employing psychological operations, Mayo explained. "Psychological operations is historically an Army special operations mission," he said. "But in Operation Iraqi Freedom, the Navy dropped 10.9 million leaflets in lraq. We prepared them on Navy ships, and we dropped them from Navy aircraft."
The aircraft carrier USS Constellation alone produced in excess of 6 million leaflets, which then were delivered into Iraq by the ship's aircraft, Mayo said.
Navy ships also are capable of conducting propaganda broadcasts on AM/FM radio frequencies, Mayo noted. In 2000, FIWC personnel successfully tested a prototype transportable AM/FM radio station aboard the USS Ashland (LSD 48). During the Iraqi war, FIWC plugged commercial CD players into the standard high-frequency transmitters aboard ships to broadcast canned psyop messages.
NETWARCOM is in the process of strengthening its relationship with the Army's psychological operations unit at Fort Bragg, N.C., Mayo said. "We've established a Navy billet down there," he said.
In September, NETWARCOM and SPAWAR co-sponsored Trident Warrior 03, the first large-scale event in the development of FORCEnet--the Navy's effort to integrate information, sensors, platforms and sailors into a concept called network centric warfare.
"FORCEnet is the centerpiece of our roadmap to the future," the chief of naval operations, Adm. Vern Clark, said during a briefing this summer at NETWARCOM. "Once implemented, FORCEnet will effectively give war fighters the knowledge of the battlefield to 'know first' and 'act first'--taking advantage of knowledge superiority over an adversary to prevail in battle."
FORCEnet "is really about turning data into information, and information into knowledge, making sure that we have it and the enemy never gets it," Mayo said. "Ultimately, FORCEnet brings us to an environment where we have total situational awareness, with very precise knowledge of enemy movements and, when required, the ability to strike first. We emphasize the capability to apply force."
The goal of Trident Warrior 03 was to deliver a supportable, sustainable war-fighting capability, complete with concept of operations and training to support the commander of the USS Essex Expeditionary Strike Group, which is forward deployed in Japan.
The strike group included the three ships normally assigned to the Essex Amphibious Ready Group--the Essex (LHD 2), the USS Fort McHenry (LSD 43) and the USS Harpers Ferry (LSD 49)--plus the USS Chancellorsville (CG 62) and the USS John S. McCain (DDG 56). Embarked upon the Essex ARG were elements of the 31st Marine Expeditionary Unit.
A specific objective was to deliver dynamic, multi-path and survivable networks through infrastructures, such as Internet Protocol network quality of service, wireless, ship-to-ship, line-of-sight and beyond-line-of-sight IP networking, high-bandwidth IP satellite communications links and Marine Corps network connectivity.
These infrastructures are intended to enable leaders to prioritize information on their networks, share a high-speed network that does not rely on satellites, pull large files from shore commands and increase communications with Marine forces ashore.
Another objective was to provide distributed, collaborative command and control, using automated systems to speed fire support and allow leaders to share the same picture of the battlefield, with a precise location of friendly forces.
"If this works, what I want to see is how quickly we can replicate it and get it out to the whole fleet," Mayo said. "Innovation is a big part of my job. What I call it is innovation and exploitation.
"One of the things that the CNO wants to see happen is rapid experimentation with technology and concepts, so we can see what works and what doesn't work."
It is important to move quickly, Mayo said. "We want speed, because the essence of network-centric warfare is speed. Processing information and using it before your adversary requires speed.
"We always want to be on the crest of the wave, never following it," Mayo said. "Look at start-up companies today: They don't have 10 years to see if their idea works. If they don't succeed within two years, they're toast."
At a year and a half, NETWARCOM is still experiencing growing pains. Its headquarters, with 103 people, is in a converted maintenance structure on Little Creek's waterfront, which is lined with amphibious assault ships just back from the Iraqi War. Space that was used to service rusting, 135-foot-long landing craft has been converted to air-conditioned offices for computer workstations.
The building, however, is not big enough to house the entire command headquarters. Next door on the tarmac, 12 mobile homes have been linked to provide additional space. Studies are underway for a larger permanent headquarters.
|Printer friendly Cite/link Email Feedback|
|Date:||Nov 1, 2003|
|Previous Article:||Pentagon microelectronics maker: no order too small.|
|Next Article:||Taking fire, Navy Marine Corps Intranet progresses.|