Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Military 'Hacked' by Emails

Posted by Zonk on from the watch-before-you-click dept.

An anonymous reader writes "Two of the US Military's most important science labs were apparently 'hacked'. Phishing mail was sent to a pair of research labs, where trojan programs allowed interlopers access to the otherwise secure networks. One of the sites was the infamous Los Alamos, which has been discussed many times here at Slashdot for its string of security breaches. 'Los Alamos has a checkered security history, having suffered a sequence of embarrassing breaches in recent years. In August of this year, it was revealed that the lab had released sensitive nuclear research data by email, while in 2006 a drug dealer was allegedly found with a USB stick containing data on nuclear weapons tests. "This appears to be a new low, even drug dealers can get classified information out of Los Alamos," Danielle Brian, executive director of the Project On Government Oversight (POGO), said at the time. Two years earlier, the lab was accused of having lost hard disks.'"

11 of 141 comments (clear)

  1. !news by Anonymous Coward · · Score: 3, Insightful

    Unclassified networks get viruses and trojans often, this is not really news. Nor is it "omg huge security breach" that an unclassified network would get a virus. That is the the whole reason classified and unclassified networks and physically separated.

  2. Hmph by moogied · · Score: 3, Insightful

    This simply further illustrates the need for better IT proffessionals. Most IT departments are looked at like maintence departments(In non IT firms). Something they are REQUIRED to have but not greatly to there advantage. Yes we introduce newer better software to increase productivity but we do it at a cost. So when it comes to IT security the budget is always smaller then should be. No one wants to pay more for the janitors to clean the locks every week. The locks still require keys and that is good enough. No one cares that the locks can be picked in 2 seconds.. as long it needs a key its fine. The same with IT. No one cares that you can be hacked because you send all you're data through unencrypted ethernet and that same network segment has a wifi-AP. You can't access either without a username or password.. right?!

    --
    So basically, -1 troll/offtopic is really slashdots way of saying "I hate that you thought of something before me."
  3. Minor bureacratic technicality to point out... by idontgno · · Score: 5, Insightful

    Both labs in question are actually U.S. Department of Energy, not Department of Defense. Technically, they're not "military" labs.

    More to the point, if they were military labs, the schlubs responsible for the security cockups would have been in the brig and awaiting a court-martial long ago. The knowledge that your "employer" can clap you in prison and then have you shot for almost a trivial incident is, to borrow a phrase, tremendously attention-focusing.

    Yeah, yeah, I know, nuclear weapons and technology, blah, blah, blah... but really. Historically, these labs have always been run a little bit like the average academic research lab at any mainline university, and the stereotypes about egghead scientist types hating military-style regimentation (including security processes) rings very true. Read up about the Manhattan Project. (Which is fitting, since these labs are the direct descendants of that program.)

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
    1. Re:Minor bureacratic technicality to point out... by Orthuberra · · Score: 4, Insightful

      More to the point, if they were military labs, the schlubs responsible for the security cockups would have been in the brig and awaiting a court-martial long ago. The knowledge that your "employer" can clap you in prison and then have you shot for almost a trivial incident is, to borrow a phrase, tremendously attention-focusing. Security at many DOD installations isn't much better to be honest. Didn't we have an article month or two back about the Secretary of Defense having his pc broken into?

      My personal experience with the NMCI project (Navy-Marine Corps Intranet) is that it isn't very secure. A cheap social engineering hack such as a phone call to the tech guys will pretty much guarantee you a password to access the network. No ones getting shot or being court-martialed because the government in question is fairly incompetent to begin with.

      Didn't we also have a story a little while back about Homeland Security's networks getting hacked a couple hundred times in the last two years. This isn't just a few labcoats who don't value security, the military fares no better, and neither do the Homeland Security guys.
  4. Re:shut er down! by graphicsguy · · Score: 2, Insightful

    Wait. Is public knowledge good or bad this week?

  5. Re:shut er down! by HBI · · Score: 5, Insightful

    Actually conspiracy theorists are more like trolls. They take advantage of the gullible nature of most people.

    --
    HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
  6. Re:Article Clarification by Llywelyn · · Score: 2, Insightful

    It doesn't necessarily come from that article--which thankfully does make the distinction--it could have just been a guess based on knowledge of how these things are set up.

    --
    Integrate Keynote and LaTeX
  7. Re:shut er down! by p0tat03 · · Score: 5, Insightful

    Actually, if you weren't an idiot trolling, you'd realize that the vast majority of foreign researchers in the US are in the country by virtue of the O1 visa, not the H1. This visa requires documentation and proof that the person is a world-renowned expert in their field, possesses world-class skills in the arts or sciences, and in short is nothing short of an absolutely unique and brilliant individual.

    Or would you rather leave all those Pakistani, Chinese, and other brilliant scientists in their homelands, helping their repressive regimes?

  8. Re:shut er down! by merreborn · · Score: 2, Insightful

    Is it really worth pouring more money into this idiotville if every bit of scientific progress they make is practically public knowledge soon after? Just shut the stupid place down!


    Some would argue that the purpose of scientific progress is the advancement of the human race. Not just advancement of those members of the human race who happen to live within the borders of the U.S. of A.
  9. Re:shut er down! by jamar0303 · · Score: 3, Insightful

    Frankly, I'd rather the government spend tax money on this than on "securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries". The second is far too easily abused by the MPAA/RIAA (notice how long copyright terms are now? Notice the DMCA?).

    --
    OSx86 FTW
  10. Restricting knowledge doesn't seem a good way. by FatSean · · Score: 2, Insightful

    I'm more of the mind that we should share information freely because a rising tide moves all ship, but move money out of military budgets and into social programs.

    --
    Blar.