By Vice Adm. Ted N. Branch
Deputy Chief of Naval Operations for Information Dominance (N2/N6)
“OPM (Office of Personnel and Management) reveals 21.5M affected in background investigation data breach” – Fierce Government IT, 9 July 2015
“Pentagon shuts down Joint Chiefs’ email network” – Engadget, 28 July 2015
“Hacker Cracks Satellite Communications Network” – Defense One, 5 August 2015
“NSA pinpoints China’s cyberattacks” Washington Times, 12 August 2015
It is no secret. The U.S. government, including the U.S. Navy, is under attack. You are under attack.
The headlines above only scratch the surface of the most recent attention grabbers. Our government and Navy computer networks and systems now face a constant barrage of attacks and intrusion attempts.
The numbers for just our unclassified network, the Navy/Marine Corps Intranet (NMCI), are staggering:
NMCI blocks approximately 3.5 million spam messages per month.
NMCI also prevents more than 231 million unauthorized intrusion attempts per month.
The threat is real and comes from a variety of sources including nation states, profit-motivated criminals, and ideologically motivated hackers, extremists, and terrorists.
They are trying to infiltrate and shutdown our systems, compromise or decrease the integrity of our data, and/or steal our personal assets.
Our systems are under attack. You are under attack.
It used to be that cyber attacks and defense were problems left to the IT professionals… the computer experts behind closed doors in the bowels of the ship or the basement of the office building. You rarely heard of the problems or their solutions.
If you log on to any Navy network, via desktop, laptop, smartphone, tablet, etc., you are in the cyber battlespace and are directly vulnerable to attack.
“Humans are the weak link in cybersecurity,” according to Michael Daniel, the Special Assistant to the President and U.S. Cybersecurity Coordinator.
It only takes one careless act to wreak havoc on the entire network. For example, the recent shutdown of the DoD and Joint Chiefs of Staff network in the Pentagon was the direct result of someone clicking on a link in an email that came to their official account.
At the headquarters level, we are standing up the Navy Cybersecurity Division within the OPNAV N2/N6 Information Dominance organization, to spearhead the Navy’s cybersecurity efforts.
Coincidentally, as we begin this effort, President Obama has designated October as National Cyber Security Awareness Month. Activities during the next four weeks are designed to engage and educate public and private sector partners with the goal of raising awareness about cybersecurity and increasing the resiliency of the nation in the event of a cyber incident.
Within the Navy, we’re going to use this month to spread the word on cybersecurity. You’ll be hearing about the threat, what the Navy is doing, and what you can do concerning cybersecurity through blogs, tweets, news stories and press coverage.
One of the concepts we will go into detail on is called CYBERSAFE. Similar to the submarine community’s SUBSAFE program, CYBERSAFE is a program to maximize mission assurance for critical warfighting components. An additional goal of the CYBERSAFE program is to change the mindset of everyone within the Navy to “think before you click.” That is… think CYBERSAFE (cybersecurity) every time you log on.
CYBERSAFE is just like damage control onboard your ship. It is an All Hands responsibility. You must be prepared to do your part to make the ship more secure.
Our effort to change the Navy culture on cybersecurity will not end after this month.
Cybersecurity demands constant vigilance, so you will hear about cybersecurity and CYBERSAFE often in the months ahead. I encourage you to pay attention, embrace, and if you see something wrong…do something right. The security of the Navy, and your own (cyber) security depend on it.
Every day the Navy is under attack. You are under attack. Think cybersecurity. Think CYBERSAFE.