Defence

Learning from Ukraine, DISA expands Thunderdome to include secret SIPRNet

The flag of Ukraine on the computer’s binary code falls from above and disappears.

WASHINGTON: The Defense Information Systems Agency, heeding the lessons of the war in Ukraine about the need for modern and secure secret networks, has extended its zero-trust Thunderdome prototype program by six months.

DISA awarded Booz Allen Hamilton a $6.8 million contract for the network architecture program in January, and the company was expected to produce an initial prototype within the next six months — or this month. But in an announcement Thursday, DISA said it was expanding the scope of the experiment to include the Pentagon’s secret Secure Internet Protocol Router Network (SIRPNet) and that the deadline had been pushed back to January 2023.

“The start of the war in Ukraine has highlighted the importance of SIPRNet and the need to provide the US Department of Defense (DOD) with an upgraded classified network that will reliably protect data,” DISA said in a July 28 press release. “SIPRNet is used by the Department of Defense and military services around the world to transmit classified information, including classified information, but this framework is outdated and in need of updating.”

The Thunderdome prototype is an important part of the SIPR redesign process and will provide SPIRNet with the security benefits of a zero-trust architecture, according to a press release. The original announcement said Thunderdome would be a “scalable” prototype that could be applied to the Pentagon’s “network architecture,” but made no mention of SPIRNet.

Over the next six months, DISA will develop and implement a zero-trust SIPR solution in production that will better secure SIPRNet’s core infrastructure, providing the agency with “improved visibility so people can’t access documents they don’t need to see,” according to a release Thursday .

“While we worked to develop a zero-trust prototype for the unclassified network, we realized early on that we had to develop it in tandem for the secret side,” said Christopher Barnhurst, DISA’s deputy director. “This expansion will allow us to produce the necessary prototypes that will lead us to a true zero-trust concept.”

Networks of Ukraine were the target for hackers since the beginning of this year, cyberattacks on government and banking websites with distributed denial-of-service (DDoS) attacks attributed to Russia. A US defense official in February told reporters There were also signs that Russia had carried out cyber attacks on the Kakhovskaya HPP.

RELATED: Learning from the conflict in Ukraine, the Information Security Agency is promoting JADC2

The additional time will also allow the agency to conduct operational and safety testing that was not originally planned for the original pilot, and to develop a transition strategy for the current Shared regional security stacks users who will move to Thunderdome, said Jason Martin, director of DISA’s Center for Digital Capabilities and Security.

RELATED: Thunderdome going global? DISA says there is still room for industry, allies in the Zero Trust Initiative

U March interview of Breaking Defense, DISA director Lt. Gen. Robert Skinner said Thunderdome is a key initiative for the agency and will be a way to “reimagine” how it looks at networks in the future.

The goal of the original prototype schedule was to have the equipment that DISA was acquiring for Thunderdome on hand at various locations, with DISA’s Pacific Field Command in Hawaii likely to be the priority.

Skinner said cross-functional teams have been established at DISA for this work, and the agency is working with other services, such as the Air Force, to determine their needs.

He added that the program will provide four or five services, including the Secure Access Service Edge, which he described as “a modern way to build our virtual private network” where people can access the network from anywhere, an application security stack and the cloud. defensive cyber operations.

At the time, Skinner said the pilot, if it met all the requirements, could be a minimum viable product that could actually be scaled within the Defense Department.



https://breakingdefense.com/2022/07/learning-from-ukraine-disa-extends-thunderdome-to-include-classified-siprnet/ Learning from Ukraine, DISA expands Thunderdome to include secret SIPRNet

Back to top button