Reply From: The Dodger <dodgerat_private>

>> Bah! Clicked 'Send' instead of 'Save' last time... <<

>Let me see if I get this straight. An NBC News report says a conspiracy
>of at least 15 professional "cyberterrorists" scattered around the globe
>failed to obtain classified U.S. military data after launching a
>coordinated assault?

I don't see any reason to assume that there is more than one so-called "cyberterrorist". If we accept John Green's definition of a 'coordinated attack' in Peter Wayner's article ("Hacker 'Attacks' on Military Networks May Be Closer to Espionage"), then I, for one, understand the phrase to mean "a hacker or group of hackers working together, from a number of different computer systems worldwide".

In other words - if I want to orchestrate a 'coordinated attack' on the Pentagon, I hack into a dozen different systems, from .edu to .jp and use those systems to launch the attack. As Steve Northcutt says - "..how many people are driving it [the coordinated attack] is not clear."

>Numerous reporters have described the exploits of pimple-faced brats who
>regularly download top-secret nuclear codes, information on covert troop
>deployments, and personnel medical records. Indeed, NBC's own reporters
>spoke to at least two defense sources who discussed the contents of a
>"top-secret intelligence document written in 1996."

Given all this I think that the 1996 document was probably referring to efforts by France and Israel's intelligence agencies to conduct espionage against the United States by hacking into US computers, as opposed to attempts by those countries, or "cyberterrorists" based in those countries, to launch an information warfare attack on the United States.

There is a subtle (but important) difference between hacking into computers so you can pull information off them (i.e. intelligence gathering) and probing them as a precursor to launching an information warfare attack to crash/disable them.

France is well-known in Europe for its slightly ruthless and mercenary attitude towards National Security, and it wouldn't surprise me in the slightest to discover that they were attempting to obtain commercial intelligence from the US by using cracking techniques. After all, the US had a couple of people expelled from France a few years back after they tried to bribe French officials involved in the GATT negotiations to provide them with inside info on the French negotiating position (or something along those lines).

As for Israel, I continue to find it absolutely hysterical that the United States gives grants or something like $2bn each year to a country which (a) is a right-wing religious nation-state (not all that different from Iran, really), (b) has an atrocious human-rights record, and (c) has a long history of spying on America. Someone's being played for a sucker and it's not Israel.

>openness and sharing of classified information, I find it difficult to
>believe a worldwide cyberterrorist conspiracy failed to obtain any
>classified data.

I suspect that, whilst classified information is kept on a physically separate network (e.g. SIPRNet), it's highly likely that data on unclassified networks can be relatively easily gathered and, if analysed properly, could yield conclusions which would, in themselves, be regarded as classified data.

Let me illustrate what I mean with an example:

The Government decides to launch a secret manned mission to Mars. All information regarding the mission is classified "Top Secret" or whatever, and the computers which hold any data relating to the mission are kept on a separate network. An astronavigation expert who lectures on the subject at MIT and a spaceship designer from the JPL are attached to the project as part-time consultants - i.e. they spend part of their time at the 'Top Secret' site, and the rest of the time doing their normal jobs.

At some point, an issue concerning the life support system arises and one sends the other an email with references to oxygen tanks, carbon dioxide levels and the Lagrange point which lies between Mars and Earth. Someone who is aware that one or both of the individuals involved are doing some part-time that they can't talk about, intercepts the email by hacking the mail server at either JPL or MIT, reads it, and draws the conclusion that a manned mission to Mars is being planned.

Now, obviously, this is straying away from the realm of info security from a technical point of view, and into general loose-lips-sink-ships-type security, but ignoring the "soft" or human element in any security setup is something one does at one's peril.

The Dodger

-o-
Subscribe: mail majordomoat_private with "subscribe isn".
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:20:52 PDT