US Military 'Hacked' by Emails

An anonymous reader writes "Two of the US Military's most important science labs were apparently 'hacked'. Phishing mail was sent to a pair of research labs, where trojan programs allowed interlopers access to the otherwise secure networks. One of the sites was the infamous Los Alamos, which has been discussed many times here at Slashdot for its string of security breaches. 'Los Alamos has a checkered security history, having suffered a sequence of embarrassing breaches in recent years. In August of this year, it was revealed that the lab had released sensitive nuclear research data by email, while in 2006 a drug dealer was allegedly found with a USB stick containing data on nuclear weapons tests. "This appears to be a new low, even drug dealers can get classified information out of Los Alamos," Danielle Brian, executive director of the Project On Government Oversight (POGO), said at the time. Two years earlier, the lab was accused of having lost hard disks.'"

Minor bureacratic technicality to point out...

[idontgno]

Both labs in question are actually U.S. Department of Energy, not Department of Defense. Technically, they're not "military" labs.

More to the point, if they were military labs, the schlubs responsible for the security cockups would have been in the brig and awaiting a court-martial long ago. The knowledge that your "employer" can clap you in prison and then have you shot for almost a trivial incident is, to borrow a phrase, tremendously attention-focusing.

Yeah, yeah, I know, nuclear weapons and technology, blah, blah, blah... but really. Historically, these labs have always been run a little bit like the average academic research lab at any mainline university, and the stereotypes about egghead scientist types hating military-style regimentation (including security processes) rings very true. Read up about the Manhattan Project. (Which is fitting, since these labs are the direct descendants of that program.)

Re:Minor bureacratic technicality to point out...

[Orthuberra]

More to the point, if they were military labs, the schlubs responsible for the security cockups would have been in the brig and awaiting a court-martial long ago. The knowledge that your "employer" can clap you in prison and then have you shot for almost a trivial incident is, to borrow a phrase, tremendously attention-focusing. Security at many DOD installations isn't much better to be honest. Didn't we have an article month or two back about the Secretary of Defense having his pc broken into?

My personal experience with the NMCI project (Navy-Marine Corps Intranet) is that it isn't very secure. A cheap social engineering hack such as a phone call to the tech guys will pretty much guarantee you a password to access the network. No ones getting shot or being court-martialed because the government in question is fairly incompetent to begin with.

Didn't we also have a story a little while back about Homeland Security's networks getting hacked a couple hundred times in the last two years. This isn't just a few labcoats who don't value security, the military fares no better, and neither do the Homeland Security guys.

Re:shut er down!

[HBI]

Actually conspiracy theorists are more like trolls. They take advantage of the gullible nature of most people.

Re:shut er down!

[p0tat03]

Actually, if you weren't an idiot trolling, you'd realize that the vast majority of foreign researchers in the US are in the country by virtue of the O1 visa, not the H1. This visa requires documentation and proof that the person is a world-renowned expert in their field, possesses world-class skills in the arts or sciences, and in short is nothing short of an absolutely unique and brilliant individual.

Or would you rather leave all those Pakistani, Chinese, and other brilliant scientists in their homelands, helping their repressive regimes?