News: LATimes: Cyber-attack on Defense Department computers raises concerns

FCLouie · Nov 28, 2008

FCLouie said: ↑

...
I have a feeling the Georgian government is considering a "private net" similar to what the US DOD has. ...
Click to expand...

Well, I guess I spoke too soon yet again. LATimes: Cyber-attack on Defense Department computers raises concerns

Reporting from Washington -- Senior military leaders took the exceptional step of briefing President Bush this week on a severe and widespread electronic attack on Defense Department computers that may have originated in Russia -- an incursion that posed unusual concern among commanders and raised potential implications for national security.

Defense officials would not describe the extent of damage inflicted on military networks. But they said that the attack struck hard at networks within U.S. Central Command, the headquarters that oversees U.S. involvement in Iraq and Afghanistan, and affected computers in combat zones. The attack also penetrated at least one highly protected classified network.

Military computers are regularly beset by outside hackers, computer viruses and worms. But defense officials said the most recent attack involved an intrusive piece of malicious software, or "malware," apparently designed specifically to target military networks.

"This one was significant; this one got our attention," said one defense official, speaking on condition of anonymity when discussing internal assessments.
Click to expand...

Oh, great. I've know intrusion into secure nets is possible, but I guess I didn't remember something else I ran across months ago about front line officers using thumb drives to carry data from machine to machine.

The invasive software, known as agent.btz, has circulated among nongovernmental U.S. computers for months. But only recently has it affected the Pentagon's networks. It is not clear whether the version responsible for the cyber-intrusion of classified networks is the same as the one affecting other computer systems.

The malware is able to spread to any flash drive plugged into an infected computer. The risk of spreading the malware to other networks prompted the military to ban the drives.

Defense officials acknowledged that the worldwide ban on external drives was a drastic move. Flash drives are used constantly in Iraq and Afghanistan, and many officers keep them loaded with crucial information on lanyards around their necks.

Banning their use made sharing information in the war theaters more difficult and reflected the severity of the intrusion and the threat from agent.btz, a second official said.
Click to expand...

One has to wonder how involved the Russian government was considering the number of criminal intrusions that originate from eastern Europe. Another thing that has to be looked at is the possibility that Russia was the launchpad, but not the starting point. A number of other source countries/concerns come to mind, each with their own desire to test the DoDs computer security network. (Including someone with the DoD or US government. ) Either way, it sounds like the new asymmetric warriors from Hackerstan are going to be in demand as mercenaries for the foreseeable future.

CeltTexan · Dec 2, 2008

In WWII the DOD broke the Japanese Empire's secret code very early after Pearl. However, a wise enemy, our government, would allow their opponent to carry on as normal while all the time reading their mail. If our military had taken full advantage of the Japanese military's plans then the game is up and their version of the Japanese DOD makes a move to re-do their codes.

I mean the wisest hacker would almost be inclined to allow its victim to think that you have busted his ultra complex, state of the art malware and the case was solved; only in reality to see that hacker use that window as a way to rook the DOD from some other angle.

The odd thing about cyber attacks on the DOD's network is that our DOD have to bust the malware in progress or before it can do harm. It is a reactionary result.
Considering how covert the Pentagon really does operate in some corners of the global theater where cyber attacks can spawn, I would like to know how offensive minded their protection of the DOD network extends???