Information Security: Computer Attacks at Department of Defense Pose Increasing Risks

GAO discussed information security procedures at the Department of Defense (DOD). GAO noted that: (1) as many as 250,000 DOD computer systems were attacked in 1995; (2) hackers successfully penetrate DOD computer systems 65 percent of the time; (3) hackers attack DOD computer systems to steal and destroy sensitive data and install reentry devices; (4) these attacks cost the government over half a million dollars, including the cost of disconnecting the system, verifying the system's integrity, installing security patches, and restoring computer services; (5) hackers are capable of disrupting communications and threatening U.S. military operations; (6) DOD faces a huge challenge in protecting its computer systems due to the size of its information infrastructure, increasing amounts of sensitive data, Internet use, and skilled hackers; (7) DOD has established a Global Information Warfare Control Center and a Automated Systems Security Incident Support Team to provide around-the-clock service and respond to computer attacks; (8) many DOD policies pertaining to computer security are outdated and inconsistent and DOD system and network administrator's are inadequately trained to perform their jobs; and (9) DOD needs to be more aggressive in developing an automated program that responds to computer attacks.