20 Feb 2014

US Navy Intranet Harbored Iranian Spyware for Four Months

Iranian hackers infiltrated the US Navy Marine Corps Intranet (NMCI) to install spyware, according to Ars Technica.

The US Navy’s administrative network, which covers about 70 per cent of the Navy’s operations, was breached in August 2012 through a vulnerability in one of its public-facing websites. After gaining initial access, a flaw in the security of the network the server was hosted on allowed attackers to gain access to NMCI’s private network and spread to other systems.

The initial vulnerability was discovered and closed but the spyware installed remained in place until November 2012. No data was affected in the four-month period but repairing the damage cost the US $10 million.

The Navy plans to give up NMCI and move to Next Generation Enterprise Network (NGEN).

“The transition of Navy network services to the NGEN phase of NMCI will begin immediately and is expected to take up to 13 months. The Navy's network services will be provided under a government-owned, contractor-operated model,” the US Navy’s website reads.

The NMCI is the largest corporate intranet in the world with over 800,000 users at 2,500 sites.