Forwarded From: Brook Powers <lwpowersat_private> For NASA Whiz, Busting Hackers Isn't Rocket Science By Kathy Sawyer Washington Post Staff Writer Friday, August 28, 1998; Page A23 There's a new sheriff at NASA. Possibly the youngest GS-14 at the space agency, 23-year-old Dan Ridge has become a computer crimebuster for NASA Inspector General Roberta L. Gross. While the other agents "have to wear guns and bulletproof vests and get to work at 6:30 a.m.," he said, "I don't have to wear a gun, I get to wear jeans, and I don't come in before 10." Gross and other NASA officials hail Ridge as the whiz who built a "smaller, cheaper, better, faster" computer system – based on a design called Beowulf – to detect computer intrusions agency-wide. Beowulf is so good, they say, that NASA is touting it to the rest of the government, to universities, to law enforcement and virtually any organizations with big computational needs and small budgets. "We brought over a 23-year-old genius and he built us a computer system for $56,000," Gross said with a big smile. It is almost embarrassingly cheap, she added, noting that such a concept isn't even on the screen of some huge departments, which automatically budget millions for such an operation. "We all love him." Ridge, in turn, loves his job. But there is a touch of culture shock. "It's very, very strange," he said. "There's nobody here like me. . . . I'm probably the only civil servant around here who was not alive for any of the moon landings." He confessed to feeling mild discomfort recently when he found himself giving seminars – to 100 scientists and engineers in a lecture hall at Caltech, for example, and to a group at Edwards Air Force Base working on NASA's next-generation space plane, the X-33. "It's really something, to be the only one with no PhD, hoping the question of my degree doesn't come up." Actually, he got so caught up in his computer work, he confessed, that he has neglected to graduate from the University of Maryland, where he had switched from aerospace engineering (his father's field) to computer sciences. A senior, he has just a few more credits to go, when he can find the time. But for now he's working 12 or more hours a day for NASA. Ridge has been enlisted in a war on the sort of crimes many people still associate with bored but harmless teenage nerds. But experts say hacker attacks on federal agencies have increased in frequency and sophistication, keeping pace with the remarkable progress in information technology. The number of people who use the Internet, as well as the volumes of data seized as evidence of crimes, have exploded in recent years, making it ever more difficult to maintain an open flow of information and yet guard against criminal – or terrorist – intruders. In the most alarming recent intrusion involving NASA, the Pentagon and other government assets, Ehud Tenenbaum, an 18-year-old Israeli who called himself "Analyzer," was arrested in March for allegedly orchestrating an unprecedented assault that, officials said, could have disrupted global military communications. "Bells are going off all of a sudden about how vulnerable we are," said Thomas J. Talleur, who heads the IG's advanced technology programs. And if a technology-oriented agency such as NASA has been slow in confronting the problems, Talleur added, "what about everybody else?" When Gross became NASA's IG in 1995, she was concerned that its information systems, which include vital communications with the manned space shuttle and other spacecraft, lacked adequate security. NASA was one of the four government agencies that founded the Internet and it is the agency with the most broadly distributed worldwide connections. Moreover, the agency is leading the government in a move toward paperless electronic contracting, and will soon channel all its communications through a single Internet address. So in May 1996, Talleur said, the office created a small computer crime unit with a staff of 15 to cover the whole country. Its targets include hacker attacks on Internet, telephone or space systems; and crimes involving theft of advanced technology, trade secrets and personal electronic identities. A few years ago, a computer hard drive seized in a crime would typically carry the equivalent of 50,000 pages of text. Now, the agents might routinely seize 5 million to 50 million pages worth of data as evidence in a single case. They needed something that could conduct high-speed searches of huge data sets at very low cost. The unit's strategy for "leveraging our scarce resources," he said, was to adapt the technology NASA uses for scientific pursuits to its own non-scientific operations, following the agency's stated philosophy of doing things faster and better for less. Talleur found Ridge at NASA's Goddard Space Flight Center in Greenbelt three years ago. Still a student, Ridge had started work on the Beowulf concept under the guidance of advisers Thomas Sterling, now at Caltech, and Donald Becker, a contract scientist in Goddard's Center of Excellence in Space Data and Information Sciences. Their aim was to develop a software "infrastructure" that would reduce the cost of scientific applications, Becker said. "Besides transitioning our entire work force into the next century," Talleur said, "we wanted this to be a model for how you fight computer crime. . . . Frankly, it doesn't get any cheaper than this." "We're disappointed to lose him," Becker said of Ridge. "But it's a real credit to the IG's office that they hired him." Ridge had started reading aerospace trade magazines when he was 10 years old, doing filing chores for his dad, he recalled. When he was in high school, his father grilled him on technical issues as if he were on a game show. As a college student, working on Beowulf, Ridge installed the system in his room and other students would pay him $10 "so they could do their homework on it." Talleur said, "I think when Dan cried as a baby, his father must have put not a bottle but a motherboard in his mouth." This year Talleur made him an offer he couldn't refuse: GS-14, jeans, his own hours. Who could resist? "I get to participate in their world without a lot of the baggage they have to carry," Ridge said. As a result, he is free to work 12 hours a day at headquarters, then carry his laptop to the officers club at a nearby military base where he can work some more, undisturbed, into the night. The exception is on Thursday evenings, when he crews on Becker's J-24 in the regular Annapolis sailboat races. The IG's new Beowulf system resides in a secure room, kept chilled and dim, on the eighth floor of NASA headquarters here. Not much bigger than a large bookcase, the cabinet contains 25 machines ordered "off the shelf." To create Beowulf, the NASA team adapted a powerful, freely available and easily customized operating system known as LINUX (similar to the more familiar UNIX) to work in a massively parallel environment. Several machines work on parts of the job at the same time, getting it all done much faster than a single processor – even one with more total power – could accomplish. This modest cluster can analyze 2.4 gigabytes per second, and the power of the cluster can be greatly multiplied by adding more machines. Ridge adapted the Beowulf system to monitor the space agency's computer system for telltale signs of hacker intrusions once suspicious activity has been reported. For example, hackers sometimes route their messages through Romania to try to avoid detection. Ridge wears a SkyPage beeper on his hip. It chirps whenever there is an intrusion, or suspected intrusion, in a NASA system. It goes off daily, he said. The agents are on 24-hour alert, and just yesterday had to take off for Goddard to deal with a case. Though he owns a couple of cars, including a 1977 Fiat convertible he likes to work on, Ridge recently moved to an apartment in Southwest, just four blocks from his NASA office, to minimize his commute. Said Gross, "He brought his girlfriend in and I said, 'Take him to a movie, get him a life!' " -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:02:40 PDT