Slashdot Mirror


State Department Hit With Many More Break-Ins

adjust28 writes to tell us CNN is reporting that the US State Department has been dealing with a number of computer break-ins with regards to their headquarters and offices dealing with China and Korea over the past couple of weeks. From the article: "Investigators believe hackers stole sensitive U.S. information and passwords and implanted backdoors in unclassified government computers to allow them to return at will, said U.S. officials familiar with the hacking."

7 of 143 comments

  1. Re:Ask Slashdot: Why do gov't 'puters have net acc by penix1 · · Score: 3, Informative
    --
    This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
  2. Re:And this is bad? by CRCulver · · Score: 1, Informative

    Do we really want to have a government that can keep things secret? A state that can keep things from being investigated by having it totally secure, privileged eyes only, any leak easily traced? I think not. Just remember the whole fuzz about journalists being bugged so that anyone calling them with secret information can be traced. How can the press then do its job?

    The Pentagon Papers trial created a fine balance that is worth preserving. The government can keep things secret in the interest of security, but at the same time it's not illegal for the press to print whatever is leaked to it. It's, on average, a win-win.

  3. Re:Ask Slashdot: Why do gov't 'puters have net acc by TrappedByMyself · · Score: 3, Informative

    Ask Slashdot: Why do gov't 'puters have net access?

    Why shouldn't they? They need to do work and send email to people outside the government like the rest of us. How do you think, for example, all the tax forms show up on IRS.gov? Magic?

    Classified computers do not have access to the normal internet, so when you see these break-in stories, no classified information was compromised, unless some dope went out of his way to get info from a class system to an unclass one.

    --

    Help me take back Slashdot. When did 'News for Nerds' become 'FUD and Conspiracy Theories for Extremist Nutjobs'?
  4. Re:Cracking vs. Hacking by cshirky · · Score: 3, Informative

    This battle has been fought and lost. The term 'cracker' was a belated attempt to create a good witch/bad witch distinction after the press took a dim view of hacking, but it is totally artificial. To take but one example, Ken Thompson's seminal Reflections on Trusting Trust spends some time moralizing (his word) about the 414 and Dalton gangs, saying "The acts performed by these kids are vandalism at best and probably trespass and theft at worst. It is only the inadequacy of the criminal code that saves the hackers from very serious prosecution." This is from the mid-80s, when breaking and entering was clearly described as hacking by one of the giants of the field. Hacking historically covered all forms of unapproved exploration of computer systems; in a more halcyon time, the gray area was wide, and the black area was not too black. Times have changed, but the fact that some hacking is now explicitly criminal, as Thompson predicted, does not make it not hacking.

  5. Re:The horse has bolted by Tony+Hoyle · · Score: 2, Informative

    It depends which version... MS are slowly getting the 'secure by default' idea, and Win2003 is reasonably secure out of the box. It remains to be seen what happens with Vista... I suspect UAC will be weakened in the same way that NX was in XP, simply to 'improve the user experience'.

  6. Re:Lack of motivation by MECC · · Score: 2, Informative

    Has everyone forgotten about FIPS-181? Making a non-word password pronounceable at least increases the chances it won't get written down. Then at least if someone steals one part of two factor authentication, there's less of a chance that the password hasn't been lifted as well.

    --
    "We are all geniuses when we dream"
    - E.M. Cioran
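
    An added example, not part of the comment above and not an implementation of the FIPS-181 generator: a simple consonant-vowel-consonant password generator, with letter sets constructed for this illustration, that shows how much longer a pronounceable non-word password must be to match a random alphanumeric one at the same entropy.

```python
import math
import secrets

# Constructed letter sets for this example (assumption, not from FIPS-181).
# Every syllable is exactly onset + vowel + coda, so each password maps back
# to exactly one sequence of choices and the entropy figure below is exact.
ONSETS = "bdfghjklmnprstvz"   # 16 choices
VOWELS = "aeiou"              # 5 choices
CODAS = "klmnprst"            # 8 choices


def syllable():
    """One pronounceable CVC syllable drawn from the OS CSPRNG."""
    return (secrets.choice(ONSETS)
            + secrets.choice(VOWELS)
            + secrets.choice(CODAS))


def pronounceable(n_syllables):
    """Non-word but pronounceable password of n_syllables syllables."""
    return "".join(syllable() for _ in range(n_syllables))


def bits_per_syllable():
    """Entropy of one syllable: log2 of the number of equally likely syllables."""
    return math.log2(len(ONSETS) * len(VOWELS) * len(CODAS))


def syllables_for(target_bits):
    """Syllables needed to reach at least target_bits of entropy."""
    return math.ceil(target_bits / bits_per_syllable())


def random_chars_for(target_bits, alphabet_size=36):
    """Characters needed by a uniformly random a-z0-9 password."""
    return math.ceil(target_bits / math.log2(alphabet_size))


def length_comparison(target_bits):
    """(pronounceable length, random alphanumeric length) in characters."""
    return 3 * syllables_for(target_bits), random_chars_for(target_bits)


if __name__ == "__main__":
    pron_len, rand_len = length_comparison(64)
    print(pronounceable(syllables_for(64)), pron_len, "chars vs", rand_len)
```

    Each syllable carries about 9.3 bits across three characters, against about 5.2 bits per character for random a-z0-9, so the pronounceable form trades length for memorability.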
  7. Re:Ask Slashdot: Why do gov't 'puters have net acc by jferguson · · Score: 4, Informative

    At least as of five years ago, most State Department computers had a single monitor, keyboard and mouse plugged into a switch that in turn ran to two different CPUs. One CPU, with big red stickers on it, was the classified ("class") machine; the other, with big green stickers on it, was the unclassified ("unclass") machine. The class machine had an ethernet hookup to the State Department intranet, to handle Lotus Notes and access to Cable Express, the computerized version of State's old Telex cable system. That intranet was completely disconnected from the internet. The unclass machine had a connection to the internet.

    The hard disk in the class machine had a barrel lock on it. At the end of the working day, you powered down your machine, unlocked and removed the hard drive, and locked the drive in your safe. (The safe is less fancy than it sounds: a standard four-drawer file cabinet with two u-flanges welded onto it; you slid a long steel bar through both flanges and padlocked it into place. Cheap, but pretty effective.) The unclass machine's hard disk remained in place, and those machines were rarely turned off.

    As the story mentioned, most of the hacks target unclass machines, for the simple reason that they can't reach class machines. Give State some credit; on the hardware side at least, they did the right thing by building two networks.

    The problem with this setup is this: say you're writing a report that will include some classified information but that will also have background research perhaps from the internet. In theory, you should write the report on the class machine. You should do the internet research on the unclass machine, write up whatever you want to add to the report, copy it to a floppy or flash drive, and copy it onto the class machine. The document from the class machine should never appear on the floppy or the flash drive, much less the unclass machine. In practice, as you can imagine, people often put the file on the portable medium so that they can avoid wrangling with version control (most foreign-service officers don't know what version control is, but they know they don't like to wrangle with it). Once you start doing that, it's only a matter of time before classified information ends up on an unclassified machine.

    Just for the record, a lot of classified information is, frankly, uninteresting. If an embassy staffer covers a rally in the foreign capital and writes a cable that has six paragraphs of description of the rally and one paragraph of commentary on the rally, he'll often mark his comments confidential; this in turn makes the cable classified. This tendency to classify TOO MANY THINGS only adds to the report-writing problem I mentioned above, since often the necessary reference material is unclassified description within a classified cable.

    Frankly, if you can come up with a way to sort out this state of affairs, I think the State Department would be pretty willing to listen to it. At least, based on watching diplomatic security officers tear their hair out at the potential security breaches that their own employees commit, I think they would be.