September 30, 2019 at 01:42 #5559
American government agencies are in a state of anxiety with the country’s 2020 elections on the horizon. Fearing a repeat of the Russian hacking incident during its last electoral cycle of 2016, Washington has instigated a review of a number of national institutes’ cyber defence capabilities. Worryingly, the US Navy has come up short.
The Navy announced a new head of cyber on Friday, after two blunt reviews in the past year found it could not compete in cyberwar with nations like Russia and China and had “significant breaches” in its cyber defences.
The second review, seen exclusively by NBC News, made specific recommendations for how to fix those vulnerabilities.
To make the fixes, the Navy has hired Aaron Weis as chief information officer, a newly created position. Weis, who was serving as senior adviser to the Pentagon’s chief information officer, will lead a new 25-person office dedicated to improving the Navy’s cybersecurity, data, information management, digital strategy and business systems.
In 2018, as series of breaches of the Navy’s networks and the networks of the defense contractors that supply it alarmed top officials because they put the Navy at a disadvantage compared to the nation’s main military rivals, Russia and China. Navy Secretary Richard V. Spencer commissioned a report on the department’s cybersecurity abilities.
Released in March, the report found significant issues with the Navy’s data and digital information management. To address those problems, it recommended the Navy create an independent chief Information officer position, a role that had been part of Undersecretary Thomas Modly’s responsibilities since early 2018.
A month later, Spencer asked an independent team of military and civilian experts to conduct another review and identify the Navy’s shortcomings in both cybersecurity and cyberwarfare and provide recommendations on how the new office would function. The team was given unprecedented access to leadership, meetings and staff of the Navy and the Marine Corps to identify problems.
“We were extremely candid with what the challenges were that the Navy was facing,” said Ron Moultrie, the former head of operations at the National Security Agency, who led the review team. “We talked about those weaknesses and we also talked about ways to address weaknesses and then we recommended a structure.”
The key findings of the team’s review underscored the fact that adversaries of the U.S. have been learning how to infiltrate the Navy’s vulnerabilities since the 1990s. It noted specifically that China has stolen critical military data from the Navy and massive amounts of trade secrets from private-sector contractors.
The report, which was delivered to the Navy in July and has not been made public, found the department was incapable of assessing cybersecurity and supply chain risks and that Navy collaboration was undermined due to distrust between leadership and other offices within the department.
There is a lack of uniform understanding of information management across the department, it said, and the Navy’ was fixated on planning for physical wars while its competitors were focusing on cyberspace.
Modly has stated that a position like Weis’s is long overdue and will enable the Navy to better protect its business systems, sailors and Marines. “We can’t be an effective Navy if we allow ourselves to continue to be vulnerable in these areas,” he said.
As chief information officer, Weis will oversee four other chief officers of technology, data, digital information and information security, tasked with fixing the department’s vulnerabilities. “The most significant impact is how are we prepared to fight, defend or not have to fight in the future,” Modly said. “Most importantly, how do we avoid sort of a cyber Pearl Harbor?”
The fact that the government’s recent cyber fears are mostly centered around electoral interference does not mean that other areas – especially the military – should be neglected; however, it can be hoped that identifying these issues now will prevent the sort of cataclysmic event feared by Modly.
October 11, 2019 at 20:08 #5635
- This topic was modified 2 months, 2 weeks ago by Timothy Ogden.
It’s been featured on our medium: https://medium.com/@cybersecurecentral/us-navy-cyber-security-found-wanting-from-our-forums-3252e65c9644October 25, 2019 at 22:19 #5712Anonymous
Perhaps the US Navy should outsource for cyber defence contracts, maybe Russia or China are good bets? 🙂
At this point really, they should lay back and focus on their dorito eating competitions, because it is all a little too late.October 25, 2019 at 22:33 #5715
With the US elections looming ever closer I think Russia and China are being watched out for, however there ought to be a larget focus on campaigns amd how they are run if companies like Cambridge Analytica are to have less impact on electoral behavioue through the use and manipulation of peesonal data. Likewise Facebook and other social media outles ought to understand they have a responsibility to ensure that they are neither complicit, nor ignorant to the fact that foreign countries as well as non state actors ate out there analyzing our profiles, our likes, dislikes and fears to change our opinions; particularly if one is sitting on the fence when it comes to elections that may be close. Data scientists employed by election campaigns are going to more of a threat to democracy in the US than Russian or Chinese hackers, or any hackers for that matter. It is all easy to scapegoat the Russian or Chinese, while missing the bigger picture.October 25, 2019 at 22:34 #5716Anonymous
Haha, the head of the National Security Agency saying “We were extremely candid”, that’s rich!
And I wouldn’t worry about the Americans neglecting the military sector, they spend far more on that than anything else, it’s not like feeding the impoverished class is as important as stocking up on munitions and paying billions of dollars for encampments abroad to “Keep the peace.” Lol.October 25, 2019 at 22:34 #5717
*largerOctober 26, 2019 at 19:37 #5721Anonymous
The bigger picture is simple my friend, these companies have a vested interested in storing and analysing our data in order to manipulate public opinion. It is well known that in this day and age, information is power, and where better can you find information on individuals across the globe than the internet? Not only that, yet this is information that they themselves have chosen to disclose! Multi-billion dollar companies will continue to do this, because it serves them, and at the end of the day, everyone is looking out for number 1. Instead of hoping that they have some sort of awakening of conscience, we should rather aim to safeguard are interests and not share our personal date online in such a cavalier fashion. If we must, then Cyber Security and all other proper channels are necessary. As the saying goes, “Live Hidden, Live Happy!”November 1, 2019 at 18:06 #5798
I just got finished reading an article which proves the US’s cyber and tech intelligence is wanting, only to read that the US Navy is even lagging behind. It further proves the direction in which all of this is clearly headed.November 2, 2019 at 17:57 #5855
What a poorly informed and poorly structured comment. The gruelling and rigorous training that the members of the elite US Navy go through is something you will never fully understand, while you belittle them behind the comfort of your laptop as you lay on the couch and eat your Doritos. The fact is, yes, the US cyber security sector has slightly fallen behind, but America is still the most powerful country in the world for a reason. They have very capable military personnel, and unmatched force. I’d be more realistic in my statements if I were you, for fear of appearing foolish.November 5, 2019 at 10:56 #5916
Very interesting topic.
cyber attacks have been conducted since the early 90s and a country like the USA just appointed a chief information officer in 2019!!!
November 5, 2019 at 18:29 #5926
- This reply was modified 1 month, 1 week ago by ta89.
I entirely agree with the notion of going. Unless using social media channels to promote a certain business, it is best to steer clear of social media platforms altogether. Posting the personal affairs of one’s life online is a clear invitation for others to use that information and manipulate it to their own benefit, whether it is to sell you something, blackmail you, influence you, among many others. Yet another reason why cyber security in this day and age, is crucial. About the navy, the Americans have been found wanting in far more fields than merely Cyber Security.November 18, 2019 at 18:35 #6053
Finally, America moves in the right direction. It is no secret that we have been lagging behind the Chinese and the Russians when it comes to Cyber Security, arriving at a point where we have incurred tremendous losses on that front. This new reform within the US Navy is one of the many steps that we must undertake if we are to put ourselves on the right path once again, or otherwise be swept away completely. Goes to show how important cyber security is in this day and age.November 26, 2019 at 12:22 #6167
I just can’t believe this load of hogwash! Our navy is wanting for nothing. They are men built of fire and steel, men capable of things that the average non-American soy laced simp couldn’t even imagine if he tried! Hoo-Ha!
You must be logged in to reply to this topic.