[IWAR] NSA infowar demonstration

From: Mark Hedges (hedgesat_private)
Date: Thu Apr 16 1998 - 17:31:17 PDT

  • Next message: Ann Rosenthal: "[IWAR] More Chiapas Strategizing"

    One thing we've noticed is the mil people have control of huge netblocks
    and seem to be able to completely remove them from the Internet at will,
    making them disappear, making them unrouteable, and making them invalid
    addresses, thereby 'covering tracks' (Navy in the case we tracked probing
    us... no big deal). NSA was nice enough not to turn off the power or take
    over U.S. Pacific Command in this demonstration... I wonder who else can do
    this kind of thing. -hedges-
    >X-Sender: honigat_private (Unverified)
    >Date: Thu, 16 Apr 1998 15:12:00 -0700
    >To: cypherpunksat_private
    >From: David Honig <honigat_private>
    >Subject: eligable receiver
    >Mime-Version: 1.0
    >X-Info: Amada Engineering's NT Server
    >Sender: owner-cypherpunksat_private
    >Precedence: first-class
    >Reply-To: David Honig <honigat_private>
    >X-Loop: cypherpunksat_private
    >    April 16, 1998
    >    Bill Gertz
    >    Computer hackers could disable military; System compromised in secret
    >    exercise
    >    Senior Pentagon leaders were stunned by a military exercise showing
    >    how easy it is for hackers to cripple U.S. military and civilian
    >    computer networks, according to new details of the secret exercise.
    >    Using software obtained easily from hacker sites on the Internet, a
    >    group of National Security Agency officials could have shut down the
    >    U.S. electric-power grid within days and rendered impotent the
    >    command-and-control elements of the U.S. Pacific Command, said
    >    officials familiar with the war game, known as Eligible Receiver.
    >    "The attack was actually run in a two-week period and the results were
    >    frightening," said a defense official involved in the game. "This
    >    attack, run by a set of people using standard Internet techniques,
    >    would have basically shut down the command-and-control capability in
    >    the Pacific theater for some considerable period of time."
    >    Pentagon spokesman Kenneth Bacon said, "Eligible Receiver was an
    >    important and revealing exercise that taught us that we must be better
    >    organized to deal with potential attacks against our computer systems
    >    and information infrastructure."
    >    The secret exercise began last June after months of preparation by the
    >    NSA computer specialists who, without warning, targeted computers used
    >    by U.S. military forces in the Pacific and in the United States.
    >    The game was simple: Conduct information warfare attacks, or
    >    "infowar," on the Pacific Command and ultimately force the United
    >    States to soften its policies toward the crumbling communist regime in
    >    Pyongyang. The "hackers" posed as paid surrogates for North Korea.
    >    The NSA "Red Team" of make-believe hackers showed how easy it is for
    >    foreign nations to wreak electronic havoc using computers, modems and
    >    software technology widely available on the darker regions of the
    >    Internet: network-scanning software, intrusion tools and
    >    password-breaking "log-in scripts."
    >    According to U.S. officials who took part in the exercise, within days
    >    the team of 50 to 75 NSA officials had inflicted crippling damage.
    >    They broke into computer networks and gained access to the systems
    >    that control the electrical power grid for the entire country. If they
    >    had wanted to, the hackers could have disabled the grid, leaving the
    >    United States in the dark.
    >    Groups of NSA hackers based in Hawaii and other parts of the United
    >    States floated effortlessly through global cyberspace, breaking into
    >    unclassified military computer networks in Hawaii, the headquarters of
    >    the U.S. Pacific Command, as well as in Washington, Chicago, St. Louis
    >    and parts of Colorado.
    >    "The attacks were not actually run against the infrastructure
    >    components because we don't want to do things like shut down the power
    >    grid," said a defense official involved in the exercise. "But the
    >    referees were shown the attacks and shown the structure of the
    >    power-grid control, and they agreed, yeah, this attack would have shut
    >    down the power grid."
    >    Knocking out the electrical power throughout the United States was
    >    just a sideline for the NSA cyberwarriors. Their main target was the
    >    U.S. Pacific Command, which is in charge of the 100,000 troops that
    >    would be called on to deal with wars in Korea or China.
    >    "The most telling thing for the Department of Defense, when all was
    >    said and done, is that basically for a two-week period the
    >    command-and-control capability in the Pacific theater would have been
    >    denied by the 'infowar' attacks, and that was the period of the
    >    exercise," the official said.
    >    The attackers also foiled virtually all efforts to trace them. FBI
    >    agents joined the Pentagon in trying to find the hackers, but for the
    >    most part they failed. Only one of the several NSA groups, a unit
    >    based in the United States, was uncovered. The rest operated without
    >    being located or identified.
    >    The attackers breached the Pentagon's unclassified global computer
    >    network using Internet service providers and dial-in connections that
    >    allowed them to hop around the world.
    >    "It's a very, very difficult security environment when you go through
    >    different hosts and different countries and then pop up on the
    >    doorstep of Keesler Air Force Base [in Mississippi], and then go from
    >    there into Cincpac," the official said, using the acronym for the
    >    Commander in Chief, Pacific.
    >    The targets of the network attacks also made it easy. "They just were
    >    not security-aware," said the official.
    >    A second official found that many military computers used the word
    >    "password" for their confidential access word.
    >      David Honig                   Orbit Technology
    >     honigat_private                  Intaanetto Jigyoubu
    >Clarke's Third Law: Any sufficiently advanced technology is
    >indistinguishable from magic.

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:07:27 PDT