Significant Russian Attack On US Military Networks
killmofasta notes an LA Times story on a severe and widespread attack on US military computers that may have originated in Russia. Turns out the military's recent ban on flash drives was a precursor to this attack, which was significant enough that the President and the Defense Secretary were briefed on it. "The 'malware' strike, thought to be from inside Russia, hit combat zone computers and the US Central Command overseeing Iraq and Afghanistan. The attack underscores concerns about computer warfare. 'This one was significant; this one got our attention,' said one defense official, speaking on condition of anonymity when discussing internal assessments. Although officials are withholding many details, the attack underscores the increasing danger and potential significance of computer warfare, which defense experts say could one day be used by combatants to undermine even a militarily superior adversary. ... [A defense official said] 'We have taken a number of corrective measures, but I would be overstating it if I said we were through this.'"
... to have sensitive systems directly connected to the internet?
Oh, wait...
So umm, how's that Vista working out for you? What'd they use for the attack? Solitaire?
I'm not anti-social, I'm anti-idiot.
Solitaire?
So umm, you think that the 30k people working in the 'gon are smart enough to play Solitaire?
$100/hour to install air-gap firewalls on sensitive/classified networks. (Includes rental of scissors.)
"It doesn't cost enough, and it makes too much sense."
Just remember that just because it originated in Russia does not mean that this was a Russian Government attack (though it could have been known about and ignored by them if it wasn't) - it just happens to have been in Russia - the headline is a little misleading in that sense.
I love the way these things are always spun as if they are significant military attacks coordinated by the foreign government or their agents. Is there any evidence that it isn't just a few bored teenagers who happen to live in Russia and think it would be fun to try and hack the US DOD?
Anonymous coward here, for a reason etc.
I work with the USAF in a very official capacity in IT and got wind of the flash media ban a while back.
I've been asked to keep quiet about this, but since it isn't classified, and nobody takes slashdot seriously, take this for what it is worth:
We stopped using all flash media on all networks because we can no longer be confident that they do not come from the factory with payloads attached. I've seen entire boxes of flash media from the "amnesty boxes" set up inside USAF buildings sent off to NSA and FBI for investigation.
There are some who think that manufacturers have been infiltrated with the sole purpose of loading malware onto drives. And it isn't that it's specifically an attack on US Gov. computers - it's just that Gov. networks tend to be pretty incestuous, and flash drives are often moved back and forth between multiple computers daily by most users due to the flakiness of CAC (common access card) infrastructure.
So beware.
DO NOT connect military affiliated computers to internet, EVER.
don't you already have your own military-net? run them only on that network.
Read radical news here
So, let's send the attacks back to them. If they want to play that game, let's crash their communications/economy/country/way-of-life.
>> Military computers are regularly beset by outside hackers, computer viruses and worms. But defense officials said the most recent attack involved an intrusive piece of malicious software, or "malware," apparently designed specifically to target military networks.
so some stupid idiot ran a piece of malware on a supposed to be secured computer and it spread over the secure network.. of course there'd be someone to blame.. why not these evil ruskies?
- Arwen, I'm your father, Agent Smith.
- Well, you're just Smith, but my father is Aerosmith!
The federal government is finally starting to see the fruits of its trifecta of asinine spending policies:
1) Lowest bidder (God forbid we get the best value for the tax dollar, not the cheapest).
2) Standard pay rates that don't take into serious consideration the skills and experience of employees. God forbid we adopt private sector pay policies because that might make us look like we're discriminating if some employees get paid a lot less than others.
3) The fact that it often takes an act of Congress to fire a federal employee.
Like most Northern Virginia-based software engineers, I've worked a federal contract here and there. I've been exposed to incompetence from federal employees that would not be tolerated by almost any corporation. My company actually brought a formal business case for why our government program manager was wrong and her decisions would be a disastrous waste of taxpayer money to her bosses. We *pleaded* with them to override her and let our senior engineer do the architecture since she had no idea how to do it.
Guess what? They told us to shut up and get back in line.
There's this myth that the outsourcing of government has ruined the federal government. That's bullshit. Government contractors are often the only people who actually get shit done! We're the ones who actually do much of the heavy lifting because the civil service for so long was allowed to deteriorate into a combination of an affirmative action program and a welfare program for stupid white men.
There are real pockets of genuine competence and intelligence in the federal government, but unfortunately, they're so isolated by the prevailing culture and leadership that it would take a real Leviathan-wrangler at least 2 presidential terms to get any meaningful culling done.
But that was before every wannabe script kiddy used it. I would have thought they'd have had a separate disconnected military network of their own by now.
When will people learn...
you had me at #!
These are professional liars, folks! This is a part of the Military disinformation effort - so publicly trumpeted right here on Slashdot - not so long ago.
If there had been any such REAL significance to this 'attack', do you think that it would be published and publicly acknowledged? There are very minor cold-war-era incidents and slip-ups that are still highly-classified, and never acknowledged.
I suppose this to be a non-event of ordinary malware, that is being used to:
1) Shape public opinion and generate suspicion
2) Justify restrictions on the Internet access/speech of military personnel
3) Profit!
Remember: In Soviet America, Military Network Attacks YOU!
"Flyin' in just a sweet place,
Never been known to fail..."
"may have originated in Russia" is not the same as "originated with the Russian government," of course.
My guess, the attacks are an attempt to turn the vast power of military computer systems into one giant spam-bot.
And, also, just think of all the new Nigerian scam letters that they could pull off with military connections... the "your son was wounded in Iraq and is being airlifted to a hospital in Germany, please send $10,000 to pay for a private room for him" scam will be much more powerful if it issues from a military computer (and, for that matter, much more convincing if the scammer knows the actual name, rank, and next-of-kin of the 'son').
http://www.geoffreylandis.com
The British Intelligence have learnt how to avoid infecting their systems with infected flash drives. They leave them on the train where they can't do any harm.
If these attacks are successful, they will replace the old practice of dropping leaflets on enemy soldiers... Now when the modern soldier opens his e-mail, he will be greeted with "Feeling ashamed of your small willy, we can help" etc etc
So, the other day, I thought that my girlfriend would like the present I gave her... God was I wrong...
Now they think that the attack comes from Russia... That means they're not sure about it at all, they just got a hunch that the attack is from the Russians, they don't say they got proof or anything, they just say they think it's from there...
However, suspicions of Russian involvement come at an especially delicate time because of sagging relations between Washington and Moscow and growing tension over U.S. plans to develop a missile defense system in Eastern Europe. The two governments also have traded charges of regional meddling after U.S. support for democratic elections in former Soviet states and recent Russian overtures in Latin America.
Just because the relations with the Russians aren't that good doesn't automatically mean they'll attack you in Iraq...
For all we know, it could be Iraqis who would attack the Americans... Well that would rather be "the Iraqis defend themselves by trying to bring the Americans' computers down"
Reading the article, which has almost no details, I think the LA Times is trying to make news out of nothing. The "senior military leaders" are basically like "senior business executives" who probably have no clue about any actual "attacks". They are just trying to hype up anything they can to increase their budgets.
The actual details they are dealing with is the same as any organization that uses computers and employs people.
"defense experts say could one day be used by combatants to undermine even a militarily superior adversary"
If it can be used to undermine an adversary, they are no longer militarily superior.
Which is a good thing. If the US cannot just assume they will win a given war, perhaps they will learn to use diplomacy in a meaningful way once more.
They're not attacking people, they're attacking computers, that's a lot better. And they're stealing "information" that I don't know anything about anyway, so it's not like I care. So how is this worse than launching a physical attack?
if I was in charge I would keep the good stuff off the WAN and in a separate closed LAN, then set up honeypots on the WAN/internet with flawed information and flawed schematics of military tech so when the Chinese or Russian crackers break in to steal something they don't get what they think they got...
Politics is Treachery, Religion is Brainwashing
Better luck next time, Slugheads!
That is the odd thing... you never hear about the huge attacks on the Chinese, Russian, North Korean, etc. But then again, the USG would never do anything unethical or underhanded or hypocritical or .
"Be polite, be professional, but have a plan to kill everybody you meet." General James Mattis
Why not have all these genius Slashdotters run the entire network? They seem to know so much more about these systems, their funding limitations, and functional requirements than the admins.
Or, we can question and challenge the government to do better without arrogantly pretending we're so much smarter than *everyone*.
Sorry, couldn't resist.
Also, the CBC [Canadians] are running sensationalist crud on their TV.
Most irritating soundbite from a DHS 'expert':
"Digital Pearl Harbor"
I think they must have run the same quote 3-4 times.
Me? I think the military / DoD is begging for $$$ as usual. What? We didn't bail out the military? Shame!
--- See you at the Tannhäuser Gate.
The US military is not stupid, and does take systems security very seriously. What would look like ultra-paranoid behavior to a civilian may well be fully justified in the military world.
The reason is simple: any breach, leak, or DoS can result in somebody being killed, operations foiled, or even wars lost.
Security people have to guard against known threats and techniques, which are very challenging, plus unknown ones that nobody has even thought to consider. Being able to trust the technology that they are using is a very important element in managing that security.
All systems are somewhat sensitive, given that even non-sensitive tidbits of information can be assembled together to give a pretty good picture of very sensitive activities if enough of them are available.
For example, a point of sale system in a military base's dining facility could be tapped to give a count of meals served per day. If an adversary sees a sudden drop or increase, they know that SOMETHING is going on. Combine that with changes at other bases and a picture of force distribution begins to emerge that then guides the adversary where to plan to deploy their forces to defend or attack.
I can see why there is a need to avoid the use of any removable media, even on non-sensitive systems. Just a few pieces of malware or compromised hardware can result in leaking enough unclassified "factoids" to compromise the secrecy and security of important operations.
Hardware is especially troublesome from a security standpoint. It does not need operating system permission to access memory, and can sit silently in place until activated. One innocuous-looking IC can easily contain a hidden microcontroller that has full DMA capabilities, and there's no way - short of physically mapping out every transistor in every chip in the device - to even know whether or not they exist.
I'd be paranoid too if military systems security was part of my job.
...experts have not pinpointed the source or motive of the attack and could not say whether the destructive program was created by an individual hacker or whether the Russian government may have had some involvement.
Classic propaganda.
Shame on Julian Barnes of the LA Times and the unnamed senior military leaders.
I would have expected that on a military level, all software and operating systems used should be compiled from source, the source checked and risky features locked down. That would exclude proprietary operating systems like Windows and Mac OS X and even prepackaged open source systems. It's probably not cheaper but cases like this should be wake-up calls.
Maybe DARPA shouldn't have pulled funding for OpenBSD research a few years ago. I knew that was going to come back to bite the US DoD in the ass sooner or later.
Threatening but ultimately harmless attacks are carried out by scary foreign militaries, and devastating wide-scale attacks are carried out by bored spotty teenagers. What, don't you watch TV!?!?
"When information is power, privacy is freedom" - Jah-Wren Ryel
"The 'malware' strike, thought to be from inside Russia"
=
We have no fucking clue who was behind this.
"This one was significant; this one got our attention"
=
We actually noticed this one.
you want to start a thermonuclear war because of a DDOS attempt?
get real.
DRM-free indie games for the PC and Mac: Positech Games
So it's ok to let them trample on us, if it's just a little bit?
---- Booth was a patriot ----
Do not even use a standard Linux!
Use an SE Linux or a BSD-like. Computer security is serious business in a few domains. In hospitals and military operations, authorizing a closed-source OS with the biggest malware and virus repository on the planet should be charged with felony or criminal negligence.
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
give it 20 more posts...
"The news of my death have been greatly exaggerated."
It's funny how blind politically correct idiots can be. Nobody, not even Saddam himself, disputes that Saddam's army, under the direction of "Chemical Ali", FIRED WMD's AT DEFENSELESS CIVILIANS.
But of course it's politically expedient to claim he didn't have them.
It's a sad joke that people can be so stupid. It's like agreeing that a convicted murderer, who shot 10 people on live television, then bragged about it to the whole world "never touched a gun". It's beyond stupid.
I'm just curious: Presuming all these things were real events, not made up, over-exaggerated, etc... At what point do you consider an attempt at hacking into government or military systems by another country to be an act of war? Are there levels of it? It's okay to break into some minor functionary's system, but we draw the line when you get into command and control systems that are passing sensitive data?
Or, is it just accepted that countries will be hacking one another's systems and that's okay?
Awk! Pieces of eight. Pieces of eight. Pieces of seven... ERROR: General Protection Fault. [Paroty Error.]
Maybe it's time the DoD does a push away from Windows onto operating systems it traditionally used and was far more resistant to security breaches. For desktops, OS X is hard to beat for usability and security. However what OS X does lack is management capabilities that Windows offers. For example you want one section of a network to have USB Flash drives usable, and another section of people, you want to deny use.
Add whole disk encryption capabilities to OS X (something that it sorely lacks, and only two products I know of provide this functionality), and this would be a winner. OS X is by no means secure from hacking, but it (and UNIX variants in general) are not as focused on 24/7 by government intelligence agencies and hacker groups in hopes to find a hole. Finally, most UNIX makers don't leave a remote root hole that anyone can exploit in their OS for seven years.
Another idea is to have the NSA/NIST design a modern hypervisor based OS from the ground up, similar to how MULTICS was designed with different windows and "tainting" of content. Copy and paste content from a top secret window to an unclassified window, the unclassified window immediately considers its content top secret and acts accordingly. At the minimum, the OS should have a hypervisor so strange machine calls like the F00F bug of yore, even if the top level OS misses them, are caught. Then, if the need arises, the OS can boot a standard PC OS on a VM to accomplish some tasks, but compromise would only be limited to that VM and what resources it gets access to.
Who controls the edge routers? He who controls them, controls what you see. Or perhaps, the ones that control unseen connectors on the edge of the network, control what IPs are shown.
So has anyone actually seen any instances of this software if it's so damn prevalent? Links please? C'mon, it's gotta be public somewhere...
That "Russian" attack on Estonia turned out to be Estonian in the end. Then there was another "Russian" attack on USA, which turned out to be Chinese. Now we have a "Russian" attack again... These, combined with recent silly PR campaign "warning" the US citizens of the dangers of visiting Russian and ex-USSR domains, is obviously staged in order to prepare the US population for the forthcoming internet censorship measures in the US. Apparently, the emergence of Russian sources presenting information in English does not sit well with federal US brainwashing/propaganda structures. Expect this PR campaign to continue. I wonder what BS will they put out next.
In Soviet Russia, the US Military Networks attack YOU! Now, wait...
Parent commenter has obviously never worked for the DOD in any network-security related position.
Let's assume this was, indeed, a deliberate, coordinated attack by a foreign government (or sponsored thereby)?
How many (American) /.ers would actually lift a finger to help the US, or be anything more than ambivalent about the whole thing? From the general political tenor of the commentary here, I'd guess few.
-Styopa
ROFL!! Boy are YOU ever the dupe. The majority of all the nations represented in the security council are tyrannies of one form or another. Most of the nations in Asia, most of the nations in Africa, and most of the nations in South America are either dictatorships or oligarchies, and that's just for starters. In the middle east everyone but Israel (and now Iraq) is, and in Europe you still find some undemocratic nations as well (Serbia, Bulgaria, Russia, etc). So the body you claim is "democratic" and "representative of world opinion" is actually a body largely controlled by the small subset of the world population that are dictators, and is only representative of their interests.
At least in the security council a larger proportion of the permanent council members are democratic regimes. Yes, you have China and Russia, but at least you have some veto wielding democracies in the mix to strike down all the tyranny friendly policies that originate in the rest of the UN. One of the reasons America as a nation is great is that all of our states are democracies, and they joined to form a regional democratic government that IS representative of us. In the farce that is the UN that is not the case, and it turns into a massively ineffectual body that tends to reward corruption and legitimize dictators.
I think if we learn anything from the UN, it is that a government made up of anything other than democratic states is worthless, and will fail completely.
Beware of bugs in the above code; I have only proved it correct, not tried it.
I think that, right now, no one is really sure what to do. I don't think that it is a cause for war (traditionally speaking), but it is a violation of sovereignty. I'm not sure what we can do about it at this point aside from defense and counter-offense.
I'm a federal employee, and I'm posting this as anonymous for that reason.
This is the rhetoric that contractors always spout. In some cases it is true, but I find it is more often the opposite case. Nearly every contractor I've ever worked with is almost completely incompetent. They work themselves into positions where they can't be fired, because they make things so obfuscated that only they can decipher it. They sell their "professional services" and sell products that they are getting paid to sell (which is obviously a conflict of interest). To top it all off: like government workers they are amazingly difficult to fire. In some cases, it is *harder* to fire them, because firing a contractor in the government is often a career limiting move for federal employees.
I find contractors to be wonderful for specific, one time things that have direct oversight. Having a new HPC installed, and need the system racked, wired, etc.? Hire a contractor; I've had amazing experience using contractors for these one off jobs. Have a long term project that needs stability? Use normal employees; contractors often start taking over, leading government managers by the nose, and often end up costing insane amounts of money for poor performance.
Where I work there is a contractor that can never be found, doesn't complete most of his work, and only incompetently completes the rest. Most of his work gets done and/or fixed by government employees. I often ask for him to be fired. Hasn't happened in two years I've been asking yet.
This just proves that mission critical operations and life-or-death reliance should not co-exist with networking.
Truth, Just Us, And Hatred For All Mankind!
Security through obscurity = bad. Peer verification of architecture = good. Old news, but it's all on my blog.
-- haaz.
They don't use a lot of Windows on internal systems in the DoD. As I'm to understand, they run a lot more Linux and Solaris.
Please clarify the source of your understanding. It's wrong. I know people who do DoD CnC work and they're MCSEs. But that's not a problem itself - the question is one of access controls. In some of the more secure TLAs you can't do file transfers between networks of different security levels, only formatted and validated data can do that.
But I suspect people with classified documents on their computers regularly access the IntarWeb, and that's a weakness, and, golly gee, our enemies are trying to exploit our weaknesses. Personally I have no problem giving a General two desktop computers so he can buy movie tickets from work, but that may not be 'streamlined'.
Now if you want to talk about military hardware, then just read linuxdevices.com for a few months and you'll get a good feel for what's in there.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
it is the encryption of the LAN/MAN/WAN that matters
Not just encryption, but how information is allowed to flow between systems with varying security classifications. We know how to do this right, but fail to do the right thing in the name of convenience and cost.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
All you have to do is go on Myspace pretending to be a girl, phishing for "Honeywell" employees, etc. I'm not particularly interested in that, but history tells us that in Russia and China they have all their engineers locked in a cage somewhere but I'm willing to guess it isn't like that anymore if you can get past the language barrier..
Administration says one thing... reality is likely the other.
Haven't we learned yet?
I'm not believing a damn thing those people say. Chances are the attack is coming from within their own network.
long time no see...
Orwell: "In a Time of Universal Deceit, telling the Truth is a Revolutionary Act"
All our routers belong to Russia!
Another potentially serious problem out there are all of those SanDisk USB sticks preloaded with U3 that is designed to auto-launch anything, and that cannot be easily removed. http://en.wikipedia.org/wiki/U3 It is no wonder that the DoD banned these things.
any Russian wants is a world war. Because, unlike you, we know what that means. There is hardly a family in Russia that hasn't lost loved ones in the previous one.
Yes, and it is the general assembly that contains such shining stars of freedom and prosperity that allow socialist authoritarian despotic hellholes like Zimbabwe to chair the Council on Sustainable Development (what's their inflation rate up to? One million percent? Gotta love shelling out a few hundred kilograms of paper for a beer.). The U.N., an international body with no internal corruption-busting mechanism (a prosecutor, if you will), has also allowed LIBYA to chair the Human Rights Commission. Hell, while they're at it, they should let Sudan chair something squishy feely-goody and human-rightsy too. You can obviously see the conflict of interest when Human Rights Watch makes a recommendation to the U.N. Group on Arbitrary Detentions to go into Libya. I'm no Bush supporter by any means... he trashed conservatism to the point where it became impossible for a true American hero to win the election, but I will always give credit where credit is due, and sending John Bolton to the U.N. was absolutely a good decision. After all, the U.N. is such a bang-up organization that they can funnel tens of billions of dollars through the oil for food "programme" (I love that spelling... makes it seem so... European), and not a single person is prosecuted and imprisoned for it. If there were a corrupt governmental bureaucracy studies field in universities, the U.N. would be the textbook example.
Most of the freaks and geeks (not that there's anything wrong with that) on /. are not military veterans, and as such, display the typical kind of juvenile disconnect from what really happens inside the terrible "military-industrial complex." I was part of the initial invasion, and sure as you're born, we had serious reason to believe that Chemical Ali would dump all sorts of nasty chicken-dance vapors on us, hence the entire first assault being performed at full MOPP protection in 110 degree heat. What else were we to believe? Surrendering Iraqi officers were telling our officers that they had chemical weapons at their disposal. As a commander, you HAVE to take such information as valid for the safety of your troops. As it turns out, it was merely a weak attempt to slow U.S. forces... because let me assure you, spending twelve hours straight in a chemical protection suit in the Iraqi heat sucks... a lot. No, really, it was about as fun as having your teeth drilled.
Invading Iraq was not about getting the WMDs, it was about removing a regime after it simply would not abide by the rules of the international community. Irregardless of how few weapons Hans Blix (what a raging wimp if I ever saw one) believed were in Iraq, the real issue was Saddam's constant manhandling of U.N. inspection teams that would often times be held at gunpoint for hours at road checkpoints and given access to sensitive and suspect sites only several hours or days after an attempted surprise inspection. As a comparison, if a police officer has every reason to believe a suspect is armed, because the guy is hiding something in his hand and says it is a weapon, and when the suspect gestures it toward the officer the suspect gets killed, that officer acted in accordance with a proper escalation of force.
But, hey, I'm just a dumb Marine who remembers sitting in a cold squadbay out in the boonies of Camp Lejeune in February of 2003, and being with fifty other Marines huddled around a small radio, and listening to the news reports of Iraq's defiance of inspection demands and knowing that tomorrow we were heading over to supply to get issued most every piece of gear we rated. All those liberals out there who feel that Iraq "was about oil" or "was Bush's conspiracy" simply don't get it. They weren't the ones who helped civilian forensics teams load bodies onto the back of trucks as they were removed from mass graves, sweating their asses off in chemical protection suits, or getting intel reports from the S-2 NCO about the likelihood of nerve agents making you funky chicken dance in the sand.
The reason this virus spreads around is that Microsoft in its infinite wisdom decided that if certain files existed on a drive, they would get executed immediately when the drive is detected. While this is convenient for loading extensions that enhance the drive's function, like encryption/decryption features, it is also obviously a problem when it loads malware. In the old days (DOS days) the user looked for a setup.exe file or install.exe and ran that if they wanted to install the software. These days when you stick in the CD, suddenly the installer is already running. This is either brilliant, or the most stupid idea ever. Microsoft probably created this feature of Windows primarily so their application software would be easier to install. The old way was never much of a barrier to getting software installed as long as the user knew about the "DIR" command. Of course the use of command line and commands like DIR or CD require basic knowledge, and Microsoft prefers Plug and Play where installing and running software is no more difficult than inserting a DVD and having the movie start right away.
cold war is over. bodily fluids...intact.
war room, still no room for brawling.
Good people go to bed earlier.
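The behaviour described in the comment above about Windows executing files as soon as a drive is detected is controlled by an `autorun.inf` file in the drive's root. As an added example (not part of the original thread), this Python code lists the entries in such a file that would launch a program, so removable media can be triaged on a machine that does not honour AutoRun; the sample file content and paths are constructed for illustration.

```python
import os
import re

# Keys in the [autorun] section that name a command to execute.
# label=, icon= and action= only affect how the drive is displayed.
_EXEC_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.IGNORECASE)

# Constructed sample: mixed-case keys, a junk line, and a second section
# whose open= must NOT be reported because it is outside [autorun].
SAMPLE = (
    "; constructed sample, not taken from any real device\r\n"
    "[AutoRun]\r\n"
    "label=Backup\r\n"
    "icon=drive.ico\r\n"
    "xK93jd random filler without a key\r\n"
    "OPEN=tools\\setup.exe /quiet\r\n"
    "shell\\explore\\command=tools\\setup.exe\r\n"
    "[other]\r\n"
    "open=ignored.exe\r\n"
)


def parse_autorun(text):
    """Return {lowercased key: value} for the [autorun] section only.

    The parser is deliberately tolerant: comment lines, blank lines and
    lines without '=' are skipped instead of raising, because a file on
    untrusted media cannot be assumed to be well formed.
    """
    entries = {}
    in_section = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def launch_entries(text):
    """Return sorted (key, command) pairs that would start a program."""
    found = parse_autorun(text)
    return sorted((k, v) for k, v in found.items() if _EXEC_KEY.match(k) and v)


def _decode(data):
    """Decode file bytes; autorun.inf may be ANSI, UTF-8 or UTF-16 with a BOM."""
    if data[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return data.decode("utf-16", errors="replace")
    if data.startswith(b"\xef\xbb\xbf"):
        data = data[3:]
    return data.decode("latin-1")


def scan_drive(root):
    """Report launch entries from any autorun.inf in the root of a mounted drive.

    The file name is matched case-insensitively because the check may run
    on a case-sensitive file system while the target OS is not.
    """
    findings = []
    for name in sorted(os.listdir(root)):
        path = os.path.join(root, name)
        if name.lower() == "autorun.inf" and os.path.isfile(path):
            with open(path, "rb") as fh:
                findings.extend(launch_entries(_decode(fh.read())))
    return findings


if __name__ == "__main__":
    for key, command in launch_entries(SAMPLE):
        print(f"would execute via {key!r}: {command}")
```

On the Windows side, the matching mitigation is the `NoDriveTypeAutoRun` policy value under `HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer`; setting it to `0xFF` disables AutoRun for all drive types.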