Network security

US Navy Identifies, Resolves Network Vulnerabilities During Recent Operation

The U.S. Navy has launched Operation Cyber Dragon, an initiative that is designed to protect the service’s networks. The Navy kicked off the repeatable operation in March.

Sandy Radesky, the deputy chief information officer of the Navy Fleet Cyber Command, said Operation Cyber Dragon identifies vulnerabilities in commercial cloud-hosted and externally facing assets and seals identified gaps. According to Radesky, the effort is essential because commercially provided services can either be within the jurisdiction of the Navy’s part of the Department of Defense Information Network or completely outside it.

The deputy CIO said in the first phase of the operation, a Fleet Cyber Command team focused on accountability roles and responsibility for offerings that are within and outside DODIN-N.

The program focused on unclassified systems and Impact Level 5 cloud services, FedScoop reported Thursday.

The team used a commercial tool that allowed officials to look at the service’s network through a dashboard. According to Radesky, the tool is designed to be intuitive for users, making the operation repeatable.

While Radesky did not share specific information about the vulnerabilities that were being targeted, she said that nearly a quarter of the 14,000 vulnerabilities that were identified were remediated. She hopes that half of the remaining gaps will be reduced in the next phase of the program.

The second phase of Operation Cyber Dragon will start in mid-July and will last about six weeks. The military branch is working with the Navy Reserve for the effort.