[ISN] Pentagon and hackers in 'cyberwar'

From: mea culpa (jerichoat_private)
Date: Fri Mar 05 1999 - 11:23:04 PST

  • Next message: mea culpa: "[ISN] Who's Taking Privacy's Pulse?"

      This message is in MIME format.  The first part should be readable text,
      while the remaining parts are likely unreadable without MIME-aware tools.
      Send mail to mimeat_private for more info.
    Content-Type: TEXT/PLAIN; CHARSET=us-ascii
    Content-ID: <Pine.SUN.3.96.990305112208.10137Sat_private>
    Forwarded From: darek milewski <darekmat_private>
    Pentagon and hackers in 'cyberwar'
    By Jim Miklaszewski and Robert Windrem, MSNBC
    March 5, 1999 5:17 AM PT
    URL: http://www.zdnet.com/zdnn/stories/news/0,4586,2220773,00.html
    WASHINGTON, D.C. -- The Pentagon has been warning about a future computer
    war. Well, the future is now, and the war is on. 
    For two days in January, hackers repeatedly tapped into military computers
    at Kelly Air Force Base in San Antonio -- the center for the most
    sensitive Air Force intelligence, the kind of information critical to
    American troops now on patrol over Iraq and in Bosnia. 
    NBC News has learned the attack was a sophisticated, coordinated assault
    through computer networks in Canada, Norway and Thailand. 
    The hackers didn't receive top secrets but the Pentagon's No. 2 man,
    Deputy Secretary of Defense John Hamre, says the United States is
    essentially engaged in an all-out cyberwar. 
    "The department is experiencing fairly sophisticated challenges right
    now," said Hamre. 
    For the past several months, so-called cyberterrorists, operating from as
    many as 15 locations worldwide, have launched a series of coordinated
    attacks on Pentagon computers -- as many as 100 per day. 
    The attackers remain unidentified and since anyone with a computer is a
    potential enemy, experts warn the United States military is vulnerable to
    a sneak attack. 
    "It's not a matter of if America has an electronic Pearl Harbor -- it's a
    matter of when," said Rep. Curtis Weldon, R-Penn. 
    At Kelly, the hackers were trying to enter a server that controls a number
    of sensitive computers at the base and other bases in the San Antonio
    Among the computers targeted were those of the Air Intelligence Agency,
    the Air Force Information Warfare Center and a Joint Chiefs of Staff
    command-and-control operation. Officials said it was the most
    sophisticated attack yet on Pentagon computers. 
    "What is clear is that the attacks were coordinated," said Steven
    Northcutt, head of the intrusion center at the U.S. Naval Surface Warfare
    Center in Virginia, which tracked the assault. "But exactly how many
    people are driving it is not clear." 
    FBI called in for help 
    The attack so worried the Pentagon that it called in the FBI, which has
    launched a criminal investigation. 
    Officials said the attacks were coordinated to increase the "stealth and
    firepower" of the perpetrators and were "difficult to detect" because they
    were planted in "a large volume of identical traffic that is too massive
    to process without specialized techniques." 
    A copy of the Navy's briefing on the attacks, called 'Internet Threat
    Briefing -- Stealth and Coordinated Probes and Attacks,' shows an
    "evolution of the cat-and-mouse game hackers and administrators play,"
    said Peter Durham, MSNBC's network security analyst. 
    "This is a new strategy, not a new weapon," said Durham, who reviewed the
    briefing. "Each attack is a regular, familiar kind of attack. What is
    different is the way it's being executed." 
    Durham said what distinguishes this attack is that it came from a number
    of different, unrelated locations, which makes tracking it difficult. 
    Making some progress
    But the military is making some progress. New technology developed by the
    Navy did detect the attacks on Kelly Air Force Base, but failed to find
    the hackers themselves. Several experts said such an attack wouldn't have
    even been detected at all a few months ago but the government has been
    quietly setting up cyberwar early-warning operations at the Pentagon, CIA
    and the National Security Agency over the past year. 
    In a speech last November, National Security Council Terrorism Coordinator
    Richard Clarke said Department of Defense Web sites are being visited
    regularly by foreign governments. 
    U.S. officials said none of these nations is believed to have aggressive
    plans and attribute their 'pinging' of sensitive systems to an extension
    of their economic espionage activities. 
    In speeches and interviews, Clarke has been unsparing in his declarations
    of the threat. He told The New York Times in a recent interview: "I'm
    talking about people shutting down a city's electricity, shutting down 911
    systems, shutting down telephone networks and transportation systems. You
    black out a city, people die. Black out lots of cities, lots of people
    die. It's as bad as being attacked by bombs." 
    "An attack on American cyberspace is an attack on the United States, just
    as much as a landing on New Jersey," he said. "The notion that we could
    respond with military force against a cyberattack has to be accepted." 
    President Bill Clinton recently proposed spending $1.5 billion in fiscal
    2000 to shore up the nation's defenses against cyberterrorism. 
    France and Israel cited
    Specifics on the threat are hard to come by, say experts. One of the few
    instances where the United States has in any way detailed the threat came
    last week after Hamre described the Kelly Air Force Base attack before
    Weldon's committee. Afterward, Weldon described what Hamre told the
    committee as a "siege by a coordinated, organized attack." 
    Sources tell NBC News that a top-secret intelligence document written in
    1996 identified Israel and France as trying to penetrate sensitive U.S.
    government and commercial computers. 
    "French and Israeli attempts were noted" in the report, a source familiar
    with the document said. A second source in the U.S. government confirmed
    the two countries' attempts. 
    This effort is reportedly centered in two places inside the U.S. 
    intelligence community. One is the Critical Technologies Branch of the
    CIA's Office of Science and Weapons Research. The other is the Infowar
    Support Center, also known as G42, at the National Security Agency. 
    Both are involved in the American effort to have cyberweapons available to
    retaliate against an enemy who goes after U.S. systems or to use these
    weapons to disable enemy defenses in a war. 
    Pentagon officials insist the military's deepest secrets are still safe,
    but they admit that as these computer terrorists become more
    sophisticated, this is one war that's getting tougher to fight. 
    Jim Miklaszewski covers the Pentagon for NBC News and Robert Windrem is an
    investigative producer specializing in the U.S. military.  --
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:20:28 PDT