[ISN] Pentagon computers tougher for hackers

From: InfoSec News (isnat_private)
Date: Tue Oct 29 2002 - 02:58:53 PST

  • Next message: InfoSec News: "[ISN] Dear Saddam, How Can I Help?"

    Forwarded from: Muhammad Faisal Rauf Danka <mfrdat_private>
    By Pamela Hess
    UPI Pentagon Correspondent
    From the Washington Politics & Policy Desk
    Published 10/28/2002 10:40 PM
    NASHVILLE, Oct. 28 (UPI) -- The Department of Defense's computer
    networks were probed by hackers 14,500 times last year, with just 70
    getting in. Of those, only three caused any damage -- and they were
    the same viruses that hobbled the private computer networks, according
    to the Army's chief of intelligence.
    The problem is not that hackers and virus-makers are getting better,
    but that relatively low-level systems administrators are failing to
    stop known gaps in their systems, said Lt. Gen. Robert Noonan, deputy
    chief of staff for intelligence, at a conference of electronic warfare
    professionals held here.
    "That's staggering," he said. "The major problem is that our people
    don't comply ... we put out patches, and systems administrators don't
    do what they should do."
    The Love Bug virus alone cost $8 billion to clear from military and
    civilian computers and networks, Noonan said.
    While the damage was significant, the military services have come a
    long way in combating a foe that once menaced them mercilessly: the
    hacker. In 1998 and again in 1999, the DoD revealed its computer
    systems were hacked.
    In the first instance, known as Solar Sunrise, it was a sustained
    attack on 11 networks carried out by two California teenagers under
    the guidance of an Israeli teen. In 1999, it was "Moonlight Maze," a
    more serious attack in that it seemed to originate from the Russian
    Academy of Sciences.
    Those systems helped spur the development of automated intrusion
    detection systems, which the military services now use 24 hours a day,
    seven days a week to monitor their networks for unauthorized users.
    "It's a huge improvement," Noonan told United Press International.
    "But the next step is we need to identify the intruder before he even
    gets in the system."
    That work, highly classified, is under way in the secretive National
    Security Agency, he said.
    Hardening the networks against intrusions or denial of service attacks
    is critical, especially if the United States is preparing for war. "We
    rely more on automated command and control that any other country," he
    Iraq's battlefield communications are also sophisticated and they are
    highly reliant on fiber optics networks, which present a daunting
    challenge to the intelligence world, which can't jam that type of
    system with traditional electronic warfare systems, Noonan said.
    "We have to get them off fiber optics" in the event of a war, Noonan
    If Iraq is pushed off the cable system -- which also underpins its air
    defense network -- it will have to switch to radio frequencies the
    United States military is better able to jam.
    Getting Saddam Hussein's forces off the sophisticated communication
    network will require a combination of fire-power -- targeting the
    right nodes -- and other means, which he declined to identify.
    He noted that Iraqi tactical forces like tanks use more traditional --
    and vulnerable -- means of communication, which makes the fighting
    easier. The problem is disrupting high-level command and control
    In other developments from the annual conference of Old Crows in
    The Navy wants to trade in its venerable EA-6B Prowler flying jammer
    for a souped-up version of the F/A-18 E/F Super Hornet and is hoping
    for the money to be approved by the Office of the Secretary of Defense
    in the 2004 budget, now being drawn up.
    The aircraft would not be available until after 2007 or even later,
    but a prototype with electronic warfare pods has already flown, said
    Rear Adm. John Cryer, who heads Naval Networks and Space Operations
    The Prowler has been at work since the Vietnam War and already the
    average airframe is 20 years old, he said. The Marine Corps will
    continue to fly the Prowler through 2012, he predicted.
    "This is really a national issue," Cryer said. "We will find ourselves
    on a battlefield opposed by a real enemy with a real ability to shot
    us down" and the Prowler will need an appropriate replacement.
    Navy aircraft carriers may soon give massive printing presses and
    cluster bombs a whole new mission -- a reflection of the service's
    growing involvement with psychological operations. PSYOPS, as they are
    known, are heavily reliant on the printing of flyers, which carry
    messages of peace or warning -- all an attempt to influence soldiers
    to put down their arms and civilians to work with American troops.
    Cryer worked in the new combined air operations center at Prince
    Sultan Air Base in Saudi Arabia, from which the air war in Afghanistan
    was run. Early in the conflict, it became clear to him that the
    Taliban and al Qaida were winning the information war.
    "It was our belief in the CAOC we were losing the information war
    early when we watched Al Jazeera. We came around but it took a lot
    longer than it should have."
    Cryer noted the Air Force -- which is land-based and therefore has
    access to standard printing services -- is much farther along in the
    PSYOPS world, particularly when it comes to distributing the messages.
    Dropping the leaflets has proven a challenge for the Navy, Cryer said.
    The service is now considering retrofitting Rock-eye Cluster Munition
    casings to release not bombs but political notes.
    The Air Force is also looking to strengthen its foothold in the world
    of information. It is toying with creating a new position in the
    service -- that of an "Influence Operator" who will be specially
    trained in culture and languages and will coordinate psychological
    operations, military deception and operational security.
    "It's probably true in all services that military deception and opsec
    are additional duties, and (we) don't get training or experience to do
    them properly," said Col. Chris "Bulldog" Glaze, deputy chief for
    information warfare in the Air Force plans and operations office.
    He stressed this initiative is still in the concept phase -- as a
    matter of fact, it hasn't even left the confines of his Pentagon
    office yet.
    Muhammad Faisal Rauf Danka
    Head of GemSEC / Chief Technology Officer
    Gem Internet Services (Pvt) Ltd.
    web: www.gem.net.pk
    Key Id: 0x784B0202
    Key Fingerprint: 6F8C EDCF 6C6E 06A5 48D7 6A20 C592 484B 
    784B 0202
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Oct 29 2002 - 05:22:34 PST