Support our mission

An anonymous tip alleging computer security breaches at DODDS-Europe prompted a recent review and the first on-site inspection of the school system’s network by an outside organization.

A Stuttgart, Germany-based team from the Defense Information Systems Agency — which monitors and troubleshoots DOD communication lines — wrapped up its unannounced, two-day evaluation last week, said Margret Menzies, spokeswoman for Department of Defense Dependents Schools-Europe.

Computers at DODDS-Europe contain confidential files on students, parents and employees including Social Security numbers, addresses and health information.

Last week was the first time the agency physically inspected the school system’s computer network, though the agency regularly conducts network security assessments remotely, she said.

But even before the team arrived at DODDS-Europe facilities in Mainz-Kastel, Germany, “DISA indicated that there was no validity to the (tipster’s) allegation,” Menzies wrote in an e-mail to Stars and Stripes. Still, the agency moved forward with the site visit to “look at major aspects of the (information technology) operations,” she wrote.

DISA officials would not confirm or deny if the alleged breach was deemed unfounded as Menzies stated.

“As a matter of policy and operational security, we do not discuss specifics about network security assessments, site visits or investigations,” Tim Madden, a spokesman for the agency, wrote in an e-mail. But “the goal of any network security assessment is to improve security.”

A DISA document obtained by Stars and Stripes outlining the agency’s approach to the DODDS-Europe review focuses on potential security breaches at the Bahrain School. The inspection was prompted by a confidential source, the DISA document states.

The document states DISA would send a team to Bahrain to conduct an in-depth review of the DODDS-Europe school there if the source’s information was validated during the on-site visit.

Officials would not comment on whether a follow-up review at the Bahrain School would take place.

“We will not address our security measures and discussing DISA’s discoveries could potentially tell hackers what our vulnerabilities may be,” Menzies wrote in an e-mail.

However, she wrote, “the findings were predictable and matched up with areas we were aware of and already addressing … DODDS-Europe will review every recommendation made by DISA … We take our network computer security very, very seriously.”

Stripes in 7

around the web

Sign Up for Daily Headlines

Sign-up to receive a daily email of today’s top military news stories from Stars and Stripes and top news outlets from around the world.

Sign up