Network Security
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
attacks on pentagon computers
- From: Paul Howell
- Date: Thu Mar 04 19:37:27 1999
at http://abcnews.go.com/sections/world/DailyNews/pentagonrussia990304.html
Target: Pentagon
Cyber-Attack Mounted Through Russia
By Barbara Starr
ABCNEWS.com
W A S H I N G T O N, March 4 ? The Pentagon?s
military computer systems are being
subjected to ongoing, sophisticated and
organized cyber-attacks, officials there tell
ABCNEWS.
And unlike in past attacks by teenage hackers,
officials believe the latest series of strikes at
defense networks may be a concerted and
coordinated effort coming from abroad.
Until today, the Defense Department had not
publicly acknowledged this latest cyber-war.
But in an interview with ABCNEWS, Deputy
Defense Secretary John Hamre, who oversees all
Pentagon computer security matters, confirmed the
attacks have occurred over the last several months
and called them ?a major concern.?
?This is an ongoing law enforcement and
intelligence matter,? said Hamre, who last month
briefed the House Armed Services Committee on the
attacks in a classified session.
Firewalls Breached?
The investigation is looking at a pattern of attacks
that has not been seen before. Officials tell
ABCNEWS there are several matters under
investigation, and it is not clear to what extent the
cyber-attacks are all linked.
Sources insist no classified networks have been
breached, but they do say attacks have been aimed
at sensitive information that may be ?locked? behind
firewalls and computer passwords.
Officials believe some of the most sophisticated
attacks are coming from Russia. Federal
investigators are detecting probes and attacks on
U.S. military research and technology systems ?
including the nuclear weapons laboratories run by
the Department of Energy.
What is not clear, however, is whether the
attacks are coming directly from Russia or whether
the probes are coming from other countries that are
simply routing through Russian computer addresses
to disguise their origin.
Initial indications are that, wherever the probes
and attacks are originating abroad, they are not from
individuals. But U.S. officials say they would treat
any Russian threat similarly whether it comes from
the government, industry or high-technology
interests.
A Russian Gateway for Espionage
The U.S. National Counterintelligence Center, or
NACIC, which monitors espionage activities
worldwide, has been tracking the threats posed by
lack of official security systems on Russian
computer networks for some time. A September 1998
NACIC report noted Kremlin statements that foreign
secret services were regularly penetrating Russian
computer networks.
U.S. officials believe, however, that there may be
an even more disturbing problem: Foreign
government hackers may be getting help from
within the U.S. government.
?We are increasingly concerned about those who
have legitimate access to our networks ? the
trusted insider,? Hamre told the House committee in
a written statement on Feb. 23. ?I cannot emphasize
strongly enough the seriousness of the insider
threat to our information systems and, through
those systems, to the Department?s operations.?
Senior Defense Department officials are being
briefed regularly on the investigations into the
insider threat.
Congressional Concerns
Indeed, the Pentagon has quietly established a new
organization ? the Joint Counterintelligence
Evaluation Office ? which is tracking foreign
intelligence services attempts to gain access to
critical Defense Department technologies as well as
their attempts to penetrate information
infrastructure and U.S. military operations. All of the
military services are beefing up their own
counterintelligence efforts as well.
Hamre?s closed-door appearance has sparked a
new round of concerns in Congress. Pentagon
computer systems are probed about 60 times a day
with as many as 60 actual computer attacks each
week. Many of these are from more typical hackers,
and the Defense Department has the capability to
freeze out access to government networks.
But the current situation is far more serious,
according to Congress. Rep. Curt Weldon, R-Pa.,
chairman of the House Armed Services Research
and Development Subcommittee, told ABCNEWS:
?What we?ve been seeing in recent months is more
of what could be a coordinated attack, that could be
some attack we have not yet fully uncovered that
could be involved in a very planned effort to acquire
technology and information about our systems in a
way that we have not seen before.?
Testing Security
In February 1998, Pentagon computers were attacked by hackers in what
was then characterized as one of the most serious computer intrusions to
date. A series of attacks known as ?Solar Sunrise? targeted Defense
Department network domain name servers, exploiting a vulnerability in
the Solaris Operating System that runs many of the computers.
The attacks were thought to be a preliminary attempt for a
widespread attack on the entire Pentagon information infrastructure. The
attacks also were especially sensitive because they came at a time when
many elements of the Defense Department?s computer network were
being used in preparation for possible military operations against Iraq.
Subsequently, the Pentagon conducted its first large-scale exercise
designed to test the ability of the military to respond to an information
attack. The ?Eligible Receiver? exercise demonstrated that the Pentagon
and the intelligence community had little capability to detect or assess
cyber-attacks.
Since then, the Pentagon has made several efforts to improve
network security and its ability to detect intrusions and attacks. But while
the system may be in better shape than it was last year, officials are
urgently trying to find the latest attacker and stop the cyber-war before
U.S. national security is compromised.
|
