http://www.forbes.com/home/technology/2007/12/20/apple-army-hackers-tech-security-cx_ag_1221army.html By Andy Greenberg Forbes.com 12.21.07 Given Apple's marketing toward the young and the trendy, you wouldn't expect the U.S. Army to be much of a customer. Lieutenant Colonel C.J. Wallington is hoping hackers won't expect it either. Wallington, a division chief in the Army's office of enterprise information systems, says the military is quietly working to integrate Macintosh computers into its systems to make them harder to hack. That's because fewer attacks have been designed to infiltrate Mac computers, and adding more Macs to the military's computer mix makes it tougher to destabilize a group of military computers with a single attack, Wallington says. This past year was a particularly tough one for military cybersecurity. Cyberspies infiltrated a Pentagon computer system in June and stole unknown quantities of e-mail data, according to a September report by the Financial Times. Later in September, industry sources told Forbes.com that major military contractors, including Boeing, Lockheed Martin, Northrop Grumman and Raytheon had also been hacked. The Army's push to use Macs to help protect its computing corps got its start in August 2005, when General Steve Boutelle, the Army's chief information officer, gave a speech calling for more diversity in the Army's computer vendors. He argued the approach would both increase competition among military contractors and strengthen its IT defenses. Apple computers still satisfy only a tiny portion of the military's voracious demand for computers. By Wallington's estimate, around 20,000 of the Army's 700,000 or so desktops and servers are Apple-made. He estimates that about a thousand Macs enter the Army's ranks during each of its bi-annual hardware buying periods. Military procurement has long been driven by cost and availability of additional software--two measures where Macintosh computers have typically come up short against Windows-based PCs. Then there have been subtle but important barriers: For instance, Macintosh computers have long been incompatible with a security keycard-reading system known as Common Access Cards system, or CAC, which is heavily used by the military. The Army's Apple program, created after Boutelle's 2005 address, is working to change that. As early as February 2008, the Army is planning to introduce software, developed by Arlington, Texas-based Thursby Software, that will also enable Mac desktops and laptops to use CAC systems--a change that should make it easier to get Macs into the service. Though Apple machines are still pricier than their Windows counterparts, the added security they offer might be worth the cost, says Wallington. He points out that Apple's X Serve servers, which are gradually becoming more commonplace in Army data centers, are proving their mettle. "Those are some of the most attacked computers there are. But the attacks used against them are designed for Windows-based machines, so they shrug them off," he says. Apple, which declined to comment, has long argued its hardware is less hackable than comparable PCs. Jonathan Broskey, a former Apple employee who now heads the Army's Apple program, argues that the Unix core at the center of the Mac OS operating system makes it easier to lock down a Mac than a Windows platform. And Apple's smaller market share has long meant that it didn't attract cybercriminals hoping to wreck the most havoc possible. "If you look at the numbers, you see that malicious software for Macs is very limited," he says. "We used to sell Apples by saying they don't get viruses." Of course, cyberspooks may be honing their Mac-attacking skills, too. An end-of-year report by Finnish software security company F-Secure highlights the growing number of hackers targeting Apple systems with malicious software, some of which could allow cybercriminals to steal security passwords. In the past two years, until this October, F-Secure found only a small handful of malicious programs targeting Macs. In the past two months, the company has found more than a hundred specimens of Mac-targeted malicious code. Charlie Miller, a software researcher with Independent Security Evaluators, worries that the Army's diversification plan isn't enough to thwart the bad guys. He sees a two-platform system as a "weakest link" scenario, in which a determined cyber-intruder will seek out the more vulnerable of the two targets. "In the story of the three little pigs, did diversifying their defenses help? Not for the pig in the straw house," he says. The marketing pitch that Apples are inherently more secure than PCs is also largely a myth, contends Miller, who gained notoriety for remotely hacking the iPhone last August. He points to data gathered by software security firm Secunia, which showed that Apple had to patch nearly five times as many security flaws in its software over the past year as Microsoft had to patch in Windows. Apple's Quicktime player alone, he says, was patched 34 times. "I love my Macs, but in terms of security, they're behind the curve, compared to Windows," Miller warns. But the Army's Jonathan Broskey stands by his claims of Apple's security: He says the high number of patches to Apple software is a good sign--evidence of the large community of developers actively working to tighten Unix programs and eliminate bugs. Nonetheless, like any responsible IT department, he says the Army's Apple program will closely monitor security updates to Mac-specific programs. "The Army's no different from any corporation," he says. Still, relative to corporate cybersecurity, Lieutenant Colonel Wallington points out, the stakes are much higher. A leaked deployment order, for instance, might reveal the path of a supply truck and the points where it could be sabotaged, he says. "This is information that affects the lives of soldiers and the civilians we're trying protect," Broskey adds. "It has to be safeguarded." __________________________________________________________________ Visit InfoSec News http://www.infosecnews.org/
This archive was generated by hypermail 2.1.3 : Mon Dec 24 2007 - 03:36:48 PST