Re: [ISN] Pentagon and hackers in 'cyberwar'

From: mea culpa (jerichoat_private)
Date: Sun Mar 14 1999 - 03:38:52 PST

    Reply From: The Dodger <dodgerat_private>
    >> Bah! Clicked 'Send' instead of 'Save' last time... <<
    >Let me see if I get this straight.  An NBC News report says a conspiracy
    >of at least 15 professional "cyberterrorists" scattered around the globe
    >failed to obtain classified U.S. military data after launching a
    >coordinated assault?
    I don't see any reason to assume that there is more than one so-called
    "cyberterrorist". If we accept John Green's definition of a 'coordinated
    attack' in Peter Wayner's article ("Hacker 'Attacks' on Military Networks
    May Be Closer to Espionage"), then I, for one, understand the phrase to
    mean "a hacker or group of hackers working together, from a number of
    different computer systems worldwide". 
    In other words - if I want to orchestrate a 'coordinated attack' on
    the Pentagon, I hack into a dozen different systems, from .edu to .jp and
    use those systems to launch the attack. 
    As Steve Northcutt says - " many people are driving it [the
    coordinated attack] is not clear." 
    >Numerous reporters have described the exploits of pimple-faced brats who
    >regularly download top-secret nuclear codes, information on covert troop
    >deployments, and personnel medical records.  Indeed, NBC's own reporters
    >spoke to at least two defense sources who discussed the contents of a
    >"top-secret intelligence document written in 1996."  Given all this
    I think that the 1996 document was probably referring to efforts by France
    and Israel's intelligence agencies to conduct espionage against the United
    States by hacking into US computers, as opposed to attempts by those
    countries, or "cyberterrorists" based in those countries, to launch an
    information warfare attack on the United States. 
    There is a subtle (but important) difference between hacking into
    computers so you can pull information off them (i.e. intelligence
    gathering) and probing them as a precursor to launching an information
    warfare attack to crash/disable them. France is well-known in Europe for
    its slightly ruthless and mercenary attitude towards National Security,
    and it wouldn't surprise me in the slightest to discover that they were
    attempting to obtain commercial intelligence from the US by using cracking
    techniques. After all, the US had a couple of people expelled from France
    a few years back after they tried to bribe French officials involved in
    the GATT negotiations to provide them with inside info on the French
    negotiating position (or something along those lines). As for Israel, I
    continue to find it absolutely hysterical that the United States gives
    grants or something like $2bn each year to a country which (a) is a
    right-wing religious nation-state (not all that different from Iran,
    really), (b) has an atrocious human-rights record, and (c) has a long
    history of spying on America.  Someone's being played for a sucker and
    it's not Israel. 
    >openness and sharing of classified information, I find it difficult to
    >believe a worldwide cyberterrorist conspiracy failed to obtain any
    >classified data. 
    I suspect that, whilst classified information is kept on a physically
    separate network (e.g. SIPRNet), it's highly likely that data on
    unclassified networks can be relatively easily gathered and, if analysed
    properly, could yield conclusions which would, in themselves, be regarded
    as classified data. 
    Let me illustrate what I mean with an example: 
    The Government decides to launch a secret manned mission to Mars. All
    information regarding the mission is classified "Top Secret" or whatever,
    and the computers which hold any data relating to the mission are kept on
    a separate network. An astronavigation expert who lectures on the subject
    at MIT and a spaceship designer from the JPL are attached to the project
    as part-time consultants - i.e. they spend part of their time at the 'Top
    Secret' site, and the rest of the time doing their normal jobs. 
    At some point, an issue concerning the life support system arises and one
    sends the other an email with references to oxygen tanks, carbon dioxide
    levels and the Lagrange point which lies between Mars and Earth. Someone
    who is aware that one or both of the individuals involved are doing some
    part-time that they can't talk about, intercepts the email by hacking the
    mail server at either JPL or MIT, reads it, and draws the conclusion that
    a manned mission to Mars is being planned. 
    Now, obviously, this is straying away from the realm of info security from
    a technical point of view, and into general loose-lips-sink-ships-type
    security, but ignoring the "soft" or human element in any security setup
    is something one does at one's peril. 
    The Dodger

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:20:52 PDT