11-24-2008, 08:21
#1
Quiet Professional
Join Date: Aug 2004
Location: NorCal
Posts: 15,370
Military Looking Abroad for Source of Cyber Attack on Pentagon
http://www.foxnews.com/politics/2008/11/20/pentagon-cyber-siege-unprecedented-attack/
The Pentagon has suffered from a cyber attack so alarming that it has taken the unprecedented step of banning the use of external hardware devices, such as flash drives and DVDs.
http://www.foxnews.com/politics/2008/11/21/source-cyber-attack-pentagon-come-china/
The cyber attack on the Department of Defense that has led to a ban on the use of external hardware devices could have come from a number of foreign countries, possibly Russia, though the military is dismissing earlier reports that China was the source of the threat.
Richard's $.02
__________________
“Sometimes the Bible in the hand of one man is worse than a whisky bottle in the hand of (another)… There are just some kind of men who – who’re so busy worrying about the next world they’ve never learned to live in this one, and you can look down the street and see the results.” - To Kill A Mockingbird (Atticus Finch)
“Almost any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.” - Robert Heinlein
Richard is offline

11-24-2008, 08:33
#2
Quiet Professional
Join Date: Jun 2007
Location: Sneaking back and forth across the Border
Posts: 6,690
Like I always say "Never let your guard down"
This is not new but it must have been a good one this time. Russia has shown a good capability at this. China is also good at Cyber warfare. We get hits at my office from China and NK on a weekly basis. Keeps the Tech staff working and gives them job security.
SF_BHT is offline

11-24-2008, 09:09
#3
Consigliere
Join Date: Jan 2004
Location: Free Pineland (at last)
Posts: 8,841
Since when is banning flash drives an "extraordinary" step? There definitely is a trend to do that to prevent IP theft from corporations.
Roguish Lawyer is offline

11-24-2008, 14:08
#4
Quiet Professional
Join Date: Apr 2008
Location: 18 yrs upstate NY, 30 yrs South Florida, 20 yrs Conch Republic, now chasing G-Kids in NOVA & UK
Posts: 11,901
Quote:
Originally Posted by Roguish Lawyer
Since when is banning flash drives an "extraordinary" step? There definitely is a trend to do that to prevent IP theft from corporations.
|
I'll have to ask my son-in-law. He's at Northrop Grumman and I thought he told me they have just mandated that ALL TRANSPORTABLE company data be stored on flash drives with mega-encryption.
We were talking, a while back, about his frequent travels and the TSA statement that they can confiscate & copy anything you carry thru an airport for no reason.
Their encryption level renders the flash drive useless to anyone, even if one was to disassemble the stick and attempt to install the mem chip in another system.
That may be the thread with the Pentagon. They can't tell what is in the flash drive, so they ban the use???
In the case of DVDs and JPEG pictures, they have a long history of hidden data and unless you know where to look, it is almost impossible to find.
So, there is precedence, geeks have known it for years...
Problem is the physical size of the latest commercial Micro-SD is very very small and can carry 64GB. That is equivalent to my complete system, with 20,000 pictures and movies.
http://en.wikipedia.org/wiki/MicroSD
Just read thru the articles... The threat was perceived to be somewhere on the GIG. It could have been any PC connected in the Sand Box or any PC on any US military base or Embassy, in the world...
__________________
Go raibh tú leathuair ar Neamh sula mbeadh a fhios ag an diabhal go bhfuil tú marbh
"May you be a half hour in heaven before the devil knows you’re dead"
Last edited by JJ_BPK; 11-24-2008 at 14:17.
JJ_BPK is offline

11-24-2008, 14:24
#5
Guerrilla
Join Date: Jun 2008
Location: Canada
Posts: 334
Real Scary.
A couple of nights ago on the Discovery Channel there was a documentary (sorry I cannot remember the name of the program) about the threats of a cyber attack - viruses in particular - and as mentioned it is feared that such attacks will come from China or Russia.
The documentary mentioned the blackout that the eastern US and Canada had a few years ago and while it was classified as human error, this documentary argued that the power failure was due to a cyber attack.
It is unbelievable just how reliant we are on computers. The show concluded that the next world war will not be fought using bombs or weapons, but will be launched using computers.
As always I took the documentary with a grain of salt, but it was a little unnerving when they filmed a hacker break into a large international bank in about five minutes.
__________________
I’ve come to a frightening conclusion that I am the decisive element in the classroom. It’s my personal approach that creates the climate. It’s my daily mood that makes the weather. As a teacher, I possess a tremendous power to make a child’s life miserable or joyous. I can be a tool of torture or an instrument of inspiration. I can humiliate or heal. In all situations, it is my response that decides whether a crisis will be escalated or de-escalated and a child humanized or dehumanized.
--Haim Ginott--
Longstreet is offline

11-25-2008, 06:44
#6
Quiet Professional
Join Date: Aug 2004
Location: NorCal
Posts: 15,370
Cyber-threat was always an issue in NATO by the anti-war at any cost crowd; at that time it was mostly Dutch cyber-weenies attempting to break our systems.
Richard's $.02
Richard is offline

11-25-2008, 10:02
#7
Moderator
Join Date: Feb 2004
Location: Central Florida
Posts: 3,045
If they want to get serious they need to eliminate the people working from home. Their reliance on CAC readers to protect their network is absurd when you look at all the people that don't use firewalls on their personal PCs.
__________________
"Are you listening or just waiting to talk?"
Light travels faster than sound. This is why some people appear bright until you hear them speak.
"Fate rarely calls upon us at a moment of our choosing."
Optimus Prime
Kyobanim is offline

11-25-2008, 10:12
#8
Quiet Professional
Join Date: Jan 2004
Location: Free Pineland
Posts: 24,824
Quote:
Originally Posted by Kyobanim
If they want to get serious they need to eliminate the people working from home. Their reliance on CAC readers to protect their network is absurd when you look at all the people that don't use firewalls on their personal PCs.
|
They also refuse to extend the anti-virus and firewall protection license to retirees and contractors, although they have access to AKO.
TR
__________________
"It is not the critic who counts; not the man who points out how the strong man stumbles, or where the doer of deeds could have done them better. The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood; who strives valiantly; who errs, who comes short again and again, because there is no effort without error and shortcoming; but who does actually strive to do the deeds; who knows great enthusiasms, the great devotions; who spends himself in a worthy cause; who at the best knows in the end the triumph of high achievement, and who at the worst, if he fails, at least fails while daring greatly, so that his place shall never be with those cold and timid souls who neither know victory nor defeat." - President Theodore Roosevelt, 1910
De Oppresso Liber 01/20/2025
The Reaper is offline

11-25-2008, 12:58
#9
Quiet Professional
Join Date: Jan 2004
Location: Colorado Springs
Posts: 4,535
Quote:
Originally Posted by Kyobanim
If they want to get serious they need to eliminate the people working from home.
|
No can do. National Security Presidential Directive 51 and Homeland Security Presidential Directive 20 mandate government agencies (including DoD) to establish, exercise and update Continuity of Operations (COOP) plans, to include social distancing and alternate work location operations.
Razor is offline

11-25-2008, 15:27
#10
Moderator
Join Date: Feb 2004
Location: Central Florida
Posts: 3,045
Quote:
Originally Posted by Razor
No can do. National Security Presidential Directive 51 and Homeland Security Presidential Directive 20 mandate government agencies (including DoD) to establish, exercise and update Continuity of Operations (COOP) plans, to include social distancing and alternate work location operations.
|
Ok, I can understand the need for spreading out our critical resources. I'm talking about the contract companies that have their employees working from home. Programmers, sysadmins, etc., that have access to the network. I know of 2 contractors who had their systems compromised while on CAC. The only repercussions from this was the offending parties had to re-take the IA classes and promise to secure their systems.
Also, the IA reqs say that if you work from home you are supposed to have anti-virus software, working firewall, and a separate and securable workspace; i.e. secure room. Very seldom, if ever, is this verified.
Kyobanim is offline

11-25-2008, 16:20
#11
Area Commander
Join Date: Jun 2007
Location: San Antonio, Texas
Posts: 2,760
I notice that some of my acquaintances use wireless equipment, but fail to enable encryption, thus putting all of their traffic in the clear. Depending on permissions on their machine, files could be removed or added by others. In addition, the low-end firewalls included in home routers have a default password; sometimes, people don't change it. So even someone in general compliance with the regulations mentioned could have a system that wasn't secure.
But there is a deeper problem. Viruses are programs, so new ones can be written - which means that virus detection software cannot find any signature for the virus. That means that only the behavior of such software might trigger an alert - but since the software is widely available, a clever programmer might create an exploit, test it against off-the-shelf virus software, and then introduce it into a target network. There are freely available virus creation workbenches. An unsophisticated user can point, click, and create a custom virus - then share it. Of course, actions that interfere with systems are illegal - but creation of the virus is not.
I hasten to add that I am not giving away any secrets here. All of this is in the public domain on the web, easily accessed by everyone.
__________________
Carpe diem quam minimum credula postero
Acronym Key:
MOO: My Opinion Only
YMMV: Your Mileage May Vary
ETF: Exchange Traded Fund
Oil Chart
30 year Treasury Bond
nmap is offline

11-25-2008, 18:29
#12
Quiet Professional
Join Date: Jan 2004
Location: Colorado Springs
Posts: 4,535
Quote:
Originally Posted by Kyobanim
I'm talking about the contract companies that have their employees working from home. Programmers, sysadmins, etc., that have access to the network.
|
I agree that folks like you mentioned above, with enhanced network permissions and such, should only be able to get to that access when physically on-site. Not being able to check and deal with work e-mails from home or while on the road/on vacation, however, is a substantial PITA and eats up valuable at-desk man hours that the good ol' US taxpayer is paying a pretty price to have wasted.
Quote:
|
Also, the IA reqs say that if you work from home you are supposed to have anti-virus software, working firewall, and a separate and securable workspace; i.e. secure room. Very seldom, if ever, is this verified.
|
I have to back up TR's gripe on this one. Perhaps if DoD would stop treating contractors and retirees as second-class citizens in regards to licensing and purchase deals on AV, firewall, anti-spyware, USB drives with encryption and other protective hardware and software, there would be fewer breaches. If it touches your network, it's a vulnerability, and it's usually a hell of a lot cheaper to buy prevention than it is to pay for a clean up.
Quote:
|
Originally Posted by RL
Since when is banning flash drives an "extraordinary" step? There definitely is a trend to do that to prevent IP theft from corporations.
|
I can tell you that there will be a great deal of unclassified work that used to be done at home or on the road and was uncharged to the government that will now only be done at one's desk and will be fully charged.
Razor is offline

11-28-2008, 12:43
#13
Quiet Professional
Join Date: Dec 2006
Location: Pineland
Posts: 555
A computer-savvy guy here said that this was a low-risk problem that would have been caught had the Army used something other than a cheaper version of Norton, and that there was a patch out for this problem 5 months ago, but no one bothered at DA to get it. Don't know if that is true, but I think it was "Wired" that said this seemed like overkill.
__________________
To an imperial city nothing is inconsistent which is expedient - Euphemus of Athens
bailaviborita is offline

05-29-2009, 19:24
#14
Guerrilla
Join Date: Jan 2008
Location: Northeast
Posts: 150
I suspect we'll be hearing a lot more about this.
Quote:
|
The GhostNet Buster
By Vito Pilieci, The Ottawa Citizen
April 25, 2009
Ottawa's Rafal Rohozinski helped uncover an international espionage plot that has infected computers in high-ranking offices around the world. Now the sought-after expert is warning the world about the cyber wars to come.
OTTAWA — In recent days, Rafal Rohozinski has found international law enforcement officials and high-tech security experts keen to pick his brain.
The 43-year-old chief executive of the SecDev Group, an Ottawa-based computer consultancy, has been jetting to jangle the alarms about the next big thing in cyber-espionage.
He's become a go-to guy ever since he and his colleagues in Canada and abroad revealed the GhostNet, a covert network of more than 1,300 compromised computers worldwide in foreign affairs ministries, embassies, news media and international organizations, including the offices of the Dalai Lama.
The hackers, linked to servers in China, gained total control of the infected machines. They could download files and even activate microphones and web cameras.
Thanks to the GhostNet probe, which also included investigators at the University of Toronto's Citizen Lab, Rohozinski has been making quick converts to the proposition that what happened is nothing less than the way in which war will increasingly be waged.
|
Source
Quote:
China's global cyber-espionage network GhostNet penetrates 103 countries
A vast Chinese cyber-espionage network, codenamed GhostNet, has penetrated 103 countries and infects at least a dozen new computers every week, according to researchers.
By Malcolm Moore in Shanghai
|
Secondary Source
ACE844 is offline