[ISN] Chinese hackers prompt Navy college site closure

From: InfoSec News (alerts@private)
Date: Thu Nov 30 2006 - 22:34:48 PST


http://washingtontimes.com/national/20061130-103049-5042r.htm

By Bill Gertz
THE WASHINGTON TIMES
November 30, 2006

Chinese computer hackers penetrated the Naval War College network 
earlier this month, forcing security authorities to shut down all e-mail 
and official computer network work at the Navy's school for senior 
officers.
    
Navy officials said the computer attack was detected Nov. 15 and two 
days later the U.S. Strategic Command raised the security alert level 
for the Pentagon's 12,000 computer networks and 5 million computers.
    
A spokesman for the Navy Cyber Defense Operations Command, located in 
Norfolk, said "network intrusions" were detected at the Newport, R.I., 
military school two weeks ago.
    
"The system-network connection was terminated and known affected systems 
were removed and are being examined for forensic evidence to determine 
the extent of the intrusion," said Lt. Cmdr. Doug Gabos, the spokesman.
    
"The Naval War College computer system-network is used by students at 
the war college and contains Navy Professional Reading Program and other 
materials, all of which are unclassified information."
    
The FBI and Naval Criminal Investigative Service are investigating the 
breach, another official said.
    
The Naval War College trains senior officers, conducts war games and 
carries out some classified research such as studies of future warfare. 
The college's Web site was not accessible yesterday.
    
Adm. Michael Mullen, chief of naval operations, recently directed the 
war college's Strategic Studies Group to begin work to develop concepts 
for waging cyber-warfare, a Navy spokesman said.
    
"The Naval War College is where the Navy's Strategic Studies Group is 
planning and practicing cyber-war techniques, and now they don't even 
have e-mail access," one U.S. official said.
    
U.S. defense officials said intelligence reports indicated that the 
cyber-attack on the college came from China, which a recent 
congressional report said has begun a series of computer network attacks 
against defense and military systems in the United States code-named 
"Titan Rain."
    
Retired Air Force Maj. Gen. Richard Goetze, a Naval War College 
professor, told a class Monday in Washington that Chinese computer 
hackers were behind the network attack. Gen. Goetze told students that 
communications were hobbled because the Chinese "took down" the entire 
Naval War College computer network.
    
Students and professors at the college now have to use private e-mail 
from home, raising security questions.
    
Cmdr. Gabos declined to comment on the origin of the attack. "The nature 
and extent of intrusion are operational issues," he said. "I can tell 
you it was an isolated incident and did not affect other elements of 
Department of Defense."
    
However, the U.S. Strategic Command, which is in charge of Defense 
Department computer warfare and defenses, issued a directive about the 
time the attack was detected ordering all defense computer users to 
heighten security by changing passwords.
    
The Strategic Command directive stated that the "information condition" 
was to be raised Nov. 17 from Infocon 5 to Infocon 4, or heightened 
alert against attack.
    
Alan Paller, a computer security specialist with the private SANS 
Institute, said the Chinese network attack against the war college is 
"the tip of the iceberg."
    
"The depth of the penetration is more than anybody is even admitting," 
he said in an interview. "People are trying to hide this because they're 
embarrassed."
    
Mr. Paller said the Chinese military's doctrine calls for waging 
cyber-warfare against computer networks. "Part of it is gathering data 
and part is leaving a back door so they can get in [to military 
computers] in the future," he said.
    
The annual report by the U.S.-China Economic and Security Review 
Commission, released Nov. 16, stated that there are "clear examples of 
computer network penetrations coming from China," including those linked 
to Titan Rain.
    
The report said the Chinese military has "information warfare units 
[that] are developing viruses to harm the computer systems of its 
enemies."

Copyright 2006 News World Communications, Inc. All rights reserved.


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Thu Nov 30 2006 - 22:42:36 PST