DoD public-facing server are supposed to be cordoned off, DMZ'd, hardened to the point where theyre nearly unusable, and not contain anything but data classified as PUBLIC (ie, lose the server and you lose nothing important). These are part of many DISA requirements that simply werent followed. These guys were lazy/bad/apathetic -they arent now (though still getting paid the same, so why should they care).
The "Bloodstream" is just some official talking out of his ass about something he doesnt understand, unless he is talking about the DISA network the navy rides (which could /correctly/ be analogized as the 'bloodstream' of the global navy network). But that would be actual serious shit, and a different story altogether. Or maybe its a regional/theatre ops center with connections to lots of enclaves. Who knows.
My guess is that the web admins had a lax PKI implementation and local admin accounts that shared username/password with other servers. This "bloodstream" thing makes no sense as there are supposed to be physical and logical boundaries between enclaves. how much access do you have to your ISP's equipment? DoD networks are supposed to be like that to compartmentalize things.
Really, most of the explanation of what actually took place sounds like gibberish.