A constant attack: 36 million malware and phishing emails stopped a day by the Department of Defense

Posted at 10:19 AM, Oct 22, 2019
and last updated 2019-10-22 20:51:03-04

WASHINGTON - The Department of Defense is facing a constant barrage of email attacks and stopping them is a focus of cybersecurity efforts across the military branches.

Daily, the Defense Department stops "36 million emails full of malware, viruses and phishing schemes from hackers and terrorists and foreign adversaries trying to gain unauthorized access to military systems," according to the Navy Cyber Defense Operations Command.

The command warns that new cyber threats are emerging and that attacks are likely to get worse before getting better.

The Navy spends approximately $160 million each year cleaning up cyber intrusions, which impacts network downtime, working hours and equipment expenses.

Now the Navy Cyber Defense Operations Command is calling for a "paradigm shift" and disruption of current cybersecurity culture across the Navy. They argue that cybersecurity must be treated as a warfare domain.

They are calling on a three-step approach:

1. IDENTIFYING the attack surface – All web browsing, communications (e.g. email, chat, digital telephone, etc.), machine-to-machine interaction, etc. must be identified in order to know and understand the landscape of which we are defending against our adversaries.

2. REDUCING the attack surface – Consider restricting the platform to only .gov and .mil domains or other websites that are mission critical, also known as whitelisting. This means separating mission activities from non-mission activities, then using NIPRNET for mission-only activities and browsing.

3. TRANSFERRING the risk – Consider transferring the risk off the network using a third-party provider, limiting the user’s exposure to cyber risks. The goal is not to limit access to necessary and needed web browsing or communications, but rather, transfer the potential cyber risks off the mission critical platform. Many providers offer a capability that allows a sandboxed web browsing experience in which end users interact with websites (not whitelisted) in a familiar way, but keeps the Navy’s mission-critical platform safe from potentially-malicious and uninspectable traffic.


U.S. military continues to grapple with onslaught of cyberattacks