Slashdot Mirror

← Back to Stories (view on slashdot.org)

Crackers Cause Pentagon to Put Computers Offline

Posted by CowboyNeal on from the better-safe-than-sorry dept.

Anarchysoft writes "As many as 1500 Pentagon computers were brought offline on Wednesday in response to a cyber attack. Defense Secretary Robert Gates reported of the fallout both that the attack had 'no adverse impact on department operations' and that 'there will be some administrative disruptions and personal inconveniences.' When asked whether his own e-mail had been compromised, Gates responded, 'I don't do e-mail. I'm a very low-tech person.'"

14 of 260 comments (clear)

  1. Gates onto something?? by Actually,+I+do+RTFA · · Score: 5, Insightful

    Gates responded, 'I don't do e-mail. I'm a very low-tech person.'"

    Actually, this makes Gates sound stupid but as a general rule don't put sensitive information on computers connected to the internet. The best security is not having the damn wires there in the first place. At the top levels of government, where nation-states are trying to install spyware, intercept and decrypt your packets, and otherwise penetrate your defense, maybe having one of a thousand aides sneakernet it is a good solution.

    --
    Your ad here. Ask me how!
    1. Re:Gates onto something?? by BrokenHalo · · Score: 5, Insightful

      It explains a lot, doesn't it?

      For once, I'm with him.

      Email is often ignored these days - in fact, its principal virtue seems to be the fact that it is so easy to ignore until such time (if then) as it suits you.

      Mr Gates probably gets more done (as do I, in fact) by picking up the phone.

    2. Re:Gates onto something?? by bstempi · · Score: 3, Insightful

      Mr Gates probably gets more done (as do I, in fact) by picking up the phone.

      This approach only works when you're at the top of the food-chain. Everywhere I've worked, the corporate culture has always emphasized "covering one's ass" more than actually doing business.

      For instance, PHB gives a subordinate an assignment and asks for X, Y, and Z. The subordinate then delivers X, Y, and Z. PHB then finds out that he fsked-up the requirements (because he's a PHB). Instead of taking the blame, his first instinct is to pass the blame to the subordinate. If it were not for email, it would simply become a he-said/she-said loop, with the manager always winning, simply because they are more trusted due to their title.

      I, like most human beings, would like to be able to actually talk with the people that I'm in close quarters with. It seems kind of silly that I have to send an email to the guy sitting next to me, but that's the reality. The business place is too cut-throat to ignore using a communications system that produces a paper trail.

  2. There's modern reporting for ya by kungfoolery · · Score: 5, Insightful

    I could think of a million important questions to ask in a situation like this if I were a reporter:

    "What specific systems were attacked?"

    "Do we have an idea as to who the attackers were? Al Queda? The Chinese?"

    "Were any intelligence reports lost? What steps are being taken to ensure the safety of individuals whose data may have been compromised

    etc, etc, ad naseum....,

    Instead, we get a single insipid question pondering the Secretary of Defense's private email habits and his moderately disturbing technophobic response. Sheesh.

    1. Re:There's modern reporting for ya by Anonymous+McCartneyf · · Score: 3, Insightful

      The fine article is originally from the AP, which I don't trust if there is anyone else covering the story. It is also simply covering a press briefing from the Pentagon.
      Important questions were asked, but the Pentagon simply didn't answer most of them.
      What specific systems? All we know is, the DoD Blackberries didn't get hit by this particular attack. We're also told that the Pentagon systems are attacked all the time.
      If the Pentagon systems are attacked all the time, then it's likely not an easy task to determine who launched any specific attack. Al Qaeda, the Chinese government, a Chinese cracker working on his own, a mindless virus--who knows?
      Whether any intelligence reports were lost or copied is likely classified itself. If the cracker doesn't know whether what he has, or what he destroyed, is valuable, then why should our government tell him?
      We're talking about the Department of Defense, remember. They likely don't care about the safety of the individuals whose data was compromised. They had to compromise those individuals themselves to make their intelligence reports!

      --
      There is a fine line between recklessness and courage... -- Paul McCartney
    2. Re:There's modern reporting for ya by smurfsurf · · Score: 3, Insightful

      > his moderately disturbing technophobic response

      You can argue that a person in his position does not have to deal with email. Communicating face to face or by phone is better suited to the job, allows for better relationship building. Any email (requests, reports, document distribution et al.) will be handled, filtered (and dealt with where possible), and presented to him by his admin anyway. He probably gets the remainder printed out, so be it.

  3. If anything can go wrong.... by Anonymous+McCartneyf · · Score: 3, Insightful

    At least when something goes wrong with a sealed message sent over the sneakernet, you'll know that something has gone wrong.
    Encryption isn't common in the current internet. And it is possible for someone to copy data and leave hardly any trace that it was copied.
    "Copyright infringement isn't theft." Is copying another state's secrets theft if the original copy of the secrets is still in the original computer?

    --
    There is a fine line between recklessness and courage... -- Paul McCartney
    1. Re:If anything can go wrong.... by Anonymous Coward · · Score: 5, Insightful

      "Copyright infringement isn't theft." Is copying another state's secrets theft if the original copy of the secrets is still in the original computer?

      No, that's still not theft. That's espionage.

  4. Re: 'I don't do e-mail. I'm a very low-tech person by janrinok · · Score: 5, Insightful

    And why is the ability to use email now a yardstick for someone being capable to do their job? I flew aircraft, using email was totally irrelevant. Nor is it a critical skill for a shopkeeper, a gardener, a fireman or a million other tasks. Sure, they can all use it if they wish to do so, but it does not affect their ability to do their job. I commanded large groups of people and I didn't need to use an email to do it. Lots of information had to be written down but an email was NOT an acceptable format for a set of orders, an intelligence assessment, a personal report on a subordinate or a request for leave. In my environment, you had to be able to write correctly and accurately, using a big boy's pen. Yes, it could be typed, using a traditional typewriter or a computer, but it still didn't need an email to do it. For security reasons, the vast majority of the computers that I used were either standalone or on very limited networks. The email facility, if used at all, wasn't always high up on the list. You probably work in something connected to computers, hence your interest here on /. You are probably interested in technology and other geek pursuits. It might be important to you, but that doesn't make it important to others.

    --
    Have a look at soylentnews.org for a different view
  5. Quit with the "cracker/hacker" bullshit by venomkid · · Score: 5, Insightful

    It's hacker, okay? Hacker. When someone is able to write code to get a computer to do something awesomely good, that person is a hacker. When someone manages to get a computer to do something is awesomely evil, that's also a hacker. If someone builds a spice rack for Gandhi, or a spice rack for Stalin, they're still both carpenters. Trying to frontload the term with your own moral judgment is just a little too newspeak for me.

    --
    vk.
  6. Flamebaiting the digerati by Shohat · · Score: 4, Insightful

    Now, every other person online will mock him for not knowing how to use email, and being "low tech".
    There is no reason why a person should use such new technology, when most of you probably spend all your time sitting of furniture you have no idea how to build (most have no idea how to build a chair that lasts a week), spend a life inside a home with no understanding of architecture or even the most basic ability to alter your surroundings, no ability to fix a broken toilet, repair a frozen refrigerator, fix a broken washing machine, or just replace a window in your house with a new one. And these are things that people live with from their early childhood, unavoidable parts of everyone's lives."Low tech" so to speak.
    But when a person doesn't use email? OMG ROFL ROFL ROFL WHAT A DUMBASS NEWB.

    --
    My Starcraft 2 Blog
  7. Attack or Counterattack? by TransEurope · · Score: 3, Insightful

    That's the question.

    The CIAs and NSAs operations are totally secret, maybe they attacked a cybertarget before, and that's the just a counterattack. That's a widely known strategy to control the media. The public thinks their countries computers are attacked by evil guys from whereever because they can't link that event to the secret event done by their own secret service before. So the (counter)attacker looks more wvil ("Hey, why do they hate us???") and the government can use this to raise the fear of the people. Also the computer guys from the services can demand more money for defense of the countries networks.

    You shouldn't believe everything the secret services (of any country) make public. Especially when they make something public ;-)

  8. Re:Keyboard Infestation by TheGreatHegemon · · Score: 4, Insightful

    Joking aside, I applaud the article for differentiating between hackers and crackers.

  9. only weasels and illiterates hate email by misanthrope101 · · Score: 4, Insightful
    For me, its principal virtue is that it serves as a record of what I actually said, and what was said to me. I want taskings and requirements in writing. I'm okay with them changing, as long as I have a record of what I was originally asked so we can track the change in objectives.

    I have waaaaay too many memories of supervisors saying "I never said that." Of course, I still have supervisors who want every encounter face-to-face, ostensibly because they feel that email is impersonal. Guess which supervisors have rather flexible memories when it comes to what they did and didn't say to me?

    I'll even type up what we discussed right after the meeting and pass it by them to "make sure I understood," and they just reply with "see me." But I push for written records as often as I can. Only weasels and illiterates hate email.