[ISN] NSA's Operation Eligible Receiver

From: jerichot_private
Date: Fri Apr 17 1998 - 01:33:02 PDT

  • Next message: jerichot_private: "[ISN] John Patrick discusses.. security.. (interview)"

    Forwarded From: Nicholas Charles Brawn <ncb05t_private>
    
    
    THE WASHINGTON TIMES
    April 16, 1998
    Bill Gertz
    
    Computer hackers could disable military; System compromised in secret
    exercise
    
    Senior Pentagon leaders were stunned by a military exercise showing how
    easy it is for hackers to cripple U.S. military and civilian computer
    networks, according to new details of the secret exercise. 
    
    Using software obtained easily from hacker sites on the Internet, a group
    of National Security Agency officials could have shut down the U.S.
    electric-power grid within days and rendered impotent the
    command-and-control elements of the U.S. Pacific Command, said officials
    familiar with the war game, known as Eligible Receiver. 
    
    "The attack was actually run in a two-week period and the results were
    frightening," said a defense official involved in the game.  "This attack,
    run by a set of people using standard Internet techniques, would have
    basically shut down the command-and-control capability in the Pacific
    theater for some considerable period of time." 
    
    Pentagon spokesman Kenneth Bacon said, "Eligible Receiver was an important
    and revealing exercise that taught us that we must be better organized to
    deal with potential attacks against our computer systems and information
    infrastructure." 
    
    The secret exercise began last June after months of preparation by the NSA
    computer specialists who, without warning, targeted computers used by U.S.
    military forces in the Pacific and in the United States. 
    
    The game was simple: Conduct information warfare attacks, or "infowar," on
    the Pacific Command and ultimately force the United States to soften its
    policies toward the crumbling communist regime in Pyongyang. The "hackers"
    posed as paid surrogates for North Korea. 
    
    The NSA "Red Team" of make-believe hackers showed how easy it is for
    foreign nations to wreak electronic havoc using computers, modems and
    software technology widely available on the darker regions of the
    Internet: network-scanning software, intrusion tools and password-breaking
    "log-in scripts." 
    
    According to U.S. officials who took part in the exercise, within days the
    team of 50 to 75 NSA officials had inflicted crippling damage. 
    
    They broke into computer networks and gained access to the systems that
    control the electrical power grid for the entire country. If they had
    wanted to, the hackers could have disabled the grid, leaving the United
    States in the dark. 
    
    Groups of NSA hackers based in Hawaii and other parts of the United States
    floated effortlessly through global cyberspace, breaking into unclassified
    military computer networks in Hawaii, the headquarters of the U.S. Pacific
    Command, as well as in Washington, Chicago, St. Louis and parts of
    Colorado. 
    
    "The attacks were not actually run against the infrastructure components
    because we don't want to do things like shut down the power grid," said a
    defense official involved in the exercise.  "But the referees were shown
    the attacks and shown the structure of the power-grid control, and they
    agreed, yeah, this attack would have shut down the power grid." 
    
    Knocking out the electrical power throughout the United States was just a
    sideline for the NSA cyberwarriors. Their main target was the U.S. Pacific
    Command, which is in charge of the 100,000 troops that would be called on
    to deal with wars in Korea or China. 
    
    "The most telling thing for the Department of Defense, when all was said
    and done, is that basically for a two-week period the command-and-control
    capability in the Pacific theater would have been denied by the 'infowar'
    attacks, and that was the period of the exercise," the official said. 
    
    The attackers also foiled virtually all efforts to trace them.  FBI agents
    joined the Pentagon in trying to find the hackers, but for the most part
    they failed. Only one of the several NSA groups, a unit based in the
    United States, was uncovered. The rest operated without being located or
    identified. 
    
    The attackers breached the Pentagon's unclassified global computer network
    using Internet service providers and dial-in connections that allowed them
    to hop around the world. 
    
    "It's a very, very difficult security environment when you go through
    different hosts and different countries and then pop up on the doorstep of
    Keesler Air Force Base [in Mississippi], and then go from there into
    Cincpac," the official said, using the acronym for the Commander in Chief,
    Pacific. 
    
    The targets of the network attacks also made it easy. "They just were not
    security-aware," said the official. 
    
    A second official found that many military computers used the word
    "password" for their confidential access word. 
    
    
    -o-
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Dimensional Communications (www.dim.com)
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:50:50 PDT