The adoption and use of new tools have made Department of Defense networks safer from increased cyberthreats during this time of heightened remote telework, officials say.
Tools such as Outlook Web Access, virtual private networks, and commercial virtual remote environment/Microsoft teams have not only enabled telework and remote operations but also reduced the use of unauthorized telework resources, leading to overall security of the network, a U.S. Cyber Command spokesperson told Fifth Domain.
For its part, the Army has expanded VPN capacities, teleconferencing and internet access points as well as increased the number of mobile devices.
The Navy has leveraged real-time collaboration capabilities using commercial virtual remote, or CVR, technology, allowing the service to securely maintaining a presence when not physically present, officials said.
On the Air Force side, Lt. Gen. Mary O’Brien, deputy chief of staff for intelligence, surveillance, reconnaissance and cyber effects operations, said there have been increasing cyber incidents as telework capabilities grew from a baseline of about 9,000 virtual private network connections to more than 400,000 VPN connections.
“The 616th Operations Center at 16th Air Force surged their workforce to monitor those threats, conduct assessments, minimize the risk to the expanding Air Force networks and also employing mitigations to reduce the vulnerabilities,” she said during a Joint Service Academy Cybersecurity Conference webinar June 11.
Overall, officials have noticed an uptick in probes to networks as well as coronavirus-related misinformation campaigns originating from nation-states and criminal entities.
Due to security reasons, it’s unclear the extent to which defensive-focused groups such as cyber protection teams have responded to particular breaches or incidents. A Cyber Command spokesperson said with additional vulnerabilities posed by increased telework activity, CVR is invaluable to balancing such threats through increased capacity to defend remotely.
The representative added that the DoD has learned much, and if subsequent waves of COVID-19 hit, the department is better prepared to meet such challenges.
Across the DoD more broadly, its main network operations and defense entity — the Joint Force Headquarters-DoD Information Networks — has played a critical role in ensuring the fidelity and safety of its network. A Cyber Command spokesperson said JFHQ-DoDIN’s mission-critical work was made an operational imperative to ensure the DoD can rapidly respond without losing significant levels of productivity. The top priorities here included ensuring components had network access, necessary tools, network protection and information.
The spokesperson added that with the knowledge of increased vulnerabilities and opportunities for bad actors during mass teleworking, the DoD has worked to control the DoDIN military command structures to include Directive Authority for Cyberspace Operations, which provides coordinated action among DoD entities.
While the response to increased telework has been similar to previous efforts by JFHQ-DoDIN and Cyber Command to protect the network, officials noted that what’s new is the formation of a COVID-19 task force established by Pentagon Chief Information Officer Dana Deasy.
The task force is co-lead by Cyber Command and the CIO’s office. Other members include JFHQ-DoDIN, the National Security Agency, the Defense Information Systems Agency, the Joint Chiefs of Staff and others from the DoD CIO’s office. To date, it has delivered millions of remote connections and service options to ensure continuity of operations, according to a Cyber Command spokesperson.
Officials also believe there is no going back now, surmising that the telework and network surge spurred by the pandemic will be permanent.
“Remote working/teleworking is here to stay. We’re not going back,” O’Brien agreed.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.