US Busts Military Network Hacker
yorgasor writes "KATU has an article announcing that the case of a mysterious hacker who has broken into roughly 100 military networks has been solved. The hacker is a British citizen and authorities were considering extradition for the case. Although no networks containing classified information were compromised, they do consider the hacker to be a professional rather than recreational due to the large number of networks he hacked."
Obviously a pro, anyone who bats higher than 100 hacks is destined for the pros. Is there sponsorship for this wonderful sport of hacking?
Ignore the "p2p is theft" trolls, they're just uninformed
They're a bunch of computers connected together with "cat-5" cable. We run high tech programs like "MS Outlook" and "Microsoft Office" coordinated by a really fucking slow "Exchange Server." Pretty trippy huh?
Tracer
USMC
Not Commanding
It will be interesting to see if the US are actually able to extradite a Brit for having committed cyber crimes. Wouldn't the penalties be a fair bit harsher over the pond than in Europe?
ISO certified == THX certified
You're right. It couldn't have been anything "THAT" serious.
Want to know why? Do a google search on SIPRNET.
There's a nice, safe air-gap between your local Internet connection and anything "THAT" serious on military networks.
What you want is irrelevant; what you've chosen is at hand! - Spock, ST VI
Closed Source
Admin'd by a Private Business
Secured by Microsoft
Run by volunteers at each polling place.
Kinda makes you wonder if you really did/will vote, eh?
If this guy does get extradited to the US, I bet he'll be working for someone in a five-sided building real soon.
100 sites seems a bit much to me. I wonder if they let him work for some time before moving in just so they could judge how good he was or perhaps who else he was connected to. Sort of a military honey pot.
NO! NO! don't mod me! I'm too young to die a troll. {click} Oh the pain, the pain...
Slashdot, home of supporters of free software, free music, and free speech. Except for Moderators that disagree with you.
Bah you wouldn't have stood a snowflake's chance in hell without the Russians and you know it.
...the British have TWICE attacked the United States for no good reason and lost. OK, it's been a few years, but do we KNOW this guy wasn't OSS? The British have been known to carry grudges.
Seriously, I would not argue that Britain is totally dependent on the U.S., and certainly not controlled by our military policy (they can defend themselves against, um, the French?). It just looks that way because they're the only ones (the gov't anyway) who agree with the U.S. half the time on international issues.
They should just scrap the term hacker and call him a terrorist, because that's what breaking into the US military is, terrorism.
Wow, that's a pretty extreme definition of terrorism.
There is a difference between breaking into a company's network out of curiosity and breaking into a military network.
hmmm... Are you saying that morality can be judged as a function of whether or not a particular act is committed against the state or a private company? I agree that if info. had been stolen that it would be a very bad thing, but since nothing broken into was classified ??? I'm not sure we know that he did anything other than make some web/sys admins look bad.
I can tell you right now I would not be amused if someone hacked into my systems because they were curious. I wouldn't take any legal action unless someone actually took intellectual property, but I'd probably 'hack' my sysadmin a new one!
All of that being said, I say hang him upside-down for 20 years and then turn him rightside-up for another 20.
porn*! - hanging upside-down for almost 20 minutes now!
There's a nice, safe air-gap between your local Internet connection and anything "THAT" serious on military networks.
Yeah, until some yahoo with clearance takes his personal laptop and plugs it into SIPRNET. And yes, it has happened. I think Bruce Schneier mentioned dumb stuff like this in a Crypto-Gram issue...
filter: +3. Hey, look! all the trolls went away!
It's a pretty MS-centric environment, at least from the user end. Outlook, MS Word, IE, etc, etc. Somebody already mentioned Exchange.
However, there are some non-MS systems in use, including some unix variants. Geeks are geeks, military or not... they need something to play with.
I'm not a systems guy, just a geek in an allied field. I have not even attempted to look around our network for one main reason: Even looking will get you a visit from the OSI, or some other type of spook... not fun. I would rather not be doing my job in a federal prison complex somewhere.
I always rap with the systems types when they come around to reimage a system or some other support task. They were NOT supportive when I was discussing the feasibility of running NMAP behind the firewall. Nice guys though...
One might not imagine how loosy office networks are, no matter what kind of department behind it. Policies usually restrict the transfer of confidential data from restricted area to office environment. However, no security policies can safeguard confidential data from human stupidity. :)
:)
I'm pretty sure this guy has gathered a lot of confidential information (aka profitable) this way.
There's a nice, safe air-gap between your local Internet connection and anything "THAT" serious on military networks.
Of course there is a safe air-gap, but unless every machine allowed to connect to those networks is physically locked down, every IO port disabled, and every removable media drive locked with a physical device, you're going to have people downloading sensitive material and moving it on to unsecured networks.
Granted it's been a few years, but I have seen young underpaid geeks walk up to such systems wearing paper badges with "NO CLEARANCE" stamped in red ink on them, and proceed to insert floppy disks into said systems in order to defragment drives or install drivers.
A chain is only as strong as its weakest link.
military cyber-guards.
I was watching this discovery channel documentary and there was this military type, jar-head cyber guard guy. He was standing there talking about how they monitor all the traffic on their networks, and keep a close eye out for any signatures of attack.
He was stressing how secret they keep all their information about their networks - that they don't let anyone know even their IP sets assigned to different networks, and that this information could help an attacker find out the machines they would need to attack.
The whole time he was talking about this - he was standing in front of a bunch of monitors, and the ones to the left of him were scrolling some sort of log and it was showing IPs to hostname mappings and some traceroutes as well. They were all in the really low IPs - and their hostnames were all .mil and *all* of it was easily readable by the viewer....
And I do not think it was something that was done on purpose and made to look like an accident. Not by the way these people were acting.
Especially since they avoided filming any of the screens that people were working on.
So I am not too surprised.
I do consulting computer work in the military... the ones that I work at, the network admin should be shot for the big holes. Like giving desktop client computers fully qualified internet IP addresses just for the hell of it. Allowing external access to internal equipment that doesn't need to be accessed externally. The information that can be accessed is sensitive. I am no pro, but I secure my home computer better. I don't want to go into much detail, but it is pretty sad.
just my 2 cents
Just because they haven't come for you, doesn't mean they don't know.
Generally, law enforcement (usually with organized crime or the white-collar variety) will track a suspect for a while, gathering evidence. You'd be amazed at the truckload of intelligence data amassed during a large narcotics investigation. (I never worked computer crimes).
The point is, why bust the guy after the first "penetration" so he gets probation? If you feel he's a threat, then you wait, let him continue to add to the charges, then pop him and put him away for a long stretch. They probably "had him" long before they busted him.
note: anyone cracking US government networks, either has an agenda or is incredibly self-destructive.
Work is punishment for failing to procrastinate effectively.
Because it's guaranteed to elicit responses like yours, followed by more page views, followed by more ad revenue. Frankly, I'm surprised I had to scroll this far down to read this post, which I anticipated as soon as I read the headline.
Do you think the /. editors aren't aware of this little linguistic duel? This, BTW, is also the same reason they don't really care about polishing the stories, and may in fact be intentionally putting little grammar and spelling gaffes into them--more page views, more ad revenue. I put forth that theory many posts ago; though I don't claim to be the originator of it.
At any rate, "cracker" is already reserved for crazy people, a racial slur used against Whites by Blacks, and most commonly a crunchy snack food. Overloading it any further just didn't make sense. Hacker can be used exclusively for those who break into computers as far as I'm concerned. We already have many thesaurus entries with less sinister connotations: geek, nerd, guru, and hobbyist, all of which may be modified with "computer" as an adjective when the context is unclear (which it usually isn't). Speaking of context, when modified with the name of something (e.g., Linux hacker, assembly hacker) the word regains its positive connotation; but you still need to be careful when using it in the company of laymen.
At any rate, I seem to recall a time when the /. editors were on the side of the purists; but that time has passed. Some may choose to look back to a time before /. "sold out". I prefer to think that the battle is over and the "cracker" advocates lost.
However, I will give you guys something in your favor. Use of the term "safe cracker" persists so we have introduced yet another context-sensitive rule into the English language, making it that much harder for people to learn the language.
Could it be simply that "computer cracker" is too alliterative and just doesn't sound right? Also, a safe cracker may literally have to crack (break) something to get in, whereas a hacker (a good one anyway) usually doesn't break anything.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
You can bet your sweet ass those were sanitized screens you were looking at. When I worked in the navy command center we were frequently visited by the press and if they had cameras we threw bogus stuff on the screens to sanitize the area before entry. So what you see is completely bogus smoke and mirrors.
Got Code?
Well, jokes about "Military Intelligence" aside, there's also the possibility that they took that long to gather enough evidence to create an airtight, "slam-dunk" case.
I work for a company that's cooperating with the FBI in a particular financial investigation. They know exactly who the bad guy is: name, address, MO, everything. They've known for a while, they're just waiting to gather more evidence, and are probably hoping the bad guy will lead them to more bad guys...
Keep in mind also the potential difficulty of getting foreign ISPs and LE agencies to cooperate. Even if they're willing, that kind of organization is *very* difficult, when there aren't pre-existing lines of communication, procedures, etc.
They should just scrap the term hacker and call him a terrorist, because that's what breaking into the US military is, terrorism.
No, it is not. Terrorism is the use of terror tactics against a civilian population (which presumably isn't able to defend itself). Attacking military targets is a perfectly legitimate act of guerilla warfare, and the perpetrators of such are entitled to be treated as prisoners of war, and not this "enemy combatant" category that Bush invented.
So:
* attacking that supertanker the other month - terrorism.
* ramming the Cole - legit.
* blowing up the WTC - terrorism.
* blowing up the Pentagon - legit.
* shooting off-duty US marines in Yemen - legit.
* hacking military bases - legit act of war, or civil crime. Definitely not terrorism.
* dropping a 2000 pound bomb on a wedding party - a regrettable accident.
Essentially, any act against a government office or military base would be a legitimate act of war.
And I've seen sysadmins with twelve years experience on "classified" systems accidentally break their security systems... or deliberately break their systems... for the sake of convenience.
It makes me sick.
I don't think it's so unreasonable to think that this guy could be a pro. Many people have said that just because he has hacked that many networks he isn't a pro, which is true. But I think that it is not unreasonable to assume that for him to be good enough to do this, he could well be a pro, even if he wasn't being paid for these specific hacks.
Wish I didn't have to post as an anon coward, but I've forgotten my nick/pass. Time to sign up again, I guess!
You mean info such as where people live? It's not like Al Qaeda would want info like that or anything ...
The present US govt. will not allow the extradition of US citizens by the ICC for the most serious crimes, war crimes, mass murder etc. So why should anyone allow extradition to the US for lesser crimes committed outside its jurisdiction? Either the Bush government recognises that all states and citizens have legitimate cross-border security interests, or it doesn't. At the moment, it recognises them in a very one-sided way (You can prosecute Milosevic, but not Kissinger.) It also has a habit of tearing up international treaties. So why should other states recognise treaties with the US? This is a no-brainer. If Bush wants to be isolationist, fine. If he wants to be internationalist, better. But saying "I can be isolationist in my interests but internationalist when I want something from you" - Tony Soprano government.
Panurge has posted for the last time. Thanks for the positive moderations.
FYI, the base networks are about as secure as the average company's network (in other words, not very).
.mil sites are the Holy Grail of crackers/hackers. Far more street cred if you can gain entrance to whatever.mil, rather than JoesFlowerShop.com.
Actually, no, they are probably more secure. The average military base takes hundreds, thousands of unauthorized hits every day, simply for being what they are. A fat juicy target. Far more than the average corporate network.
My last base, Langley AFB, was a HUGE target. ACC headquarters, and also a bit of name confusion (people were thinking CIA HQ in Langley, VA). We had a special team set up, whose only function was to ward off intrusion attempts, and DoS attacks. For a couple of week stretch once, we were getting 10's of thousands of spurious emails per day. I believe someone got busted behind that too.
You have no clue what you are talking about. Do you really think troop movements are done via unclassified networks? It's all done through AUTODIN via messaging, or through DMS, which requires an ISSUED Fortezza card to release the message. I don't think a hacked email/message coming from "Doe Col John A" saying to move "10,000 troops to Luxembourg" would be taken seriously. It was most likely some unpatched IIS servers that were serving as www.wherever.service.mil. Sure, those IIS servers should be patched, but the crap it takes to get it authorized is insane. We're still waiting to stand up a single Win2k Server (without AD). Of course, in the Navy/Marine Corps, everything IT is essentially "on-hold" for NMCI. You think this will be any better when EDS takes over the unclassified networks for 1/2 the military?
mcox.com - Useful Information re: IT, Running, Fitness, Finance, or Ann Arbor!