Slashdot Mirror


Significant Russian Attack On US Military Networks

killmofasta notes an LA Times story on a severe and widespread attack on US military computers that may have originated in Russia. Turns out the military's recent ban on flash drives was a precursor to this attack, which was significant enough that the President and the Defense Secretary were briefed on it. "The 'malware' strike, thought to be from inside Russia, hit combat zone computers and the US Central Command overseeing Iraq and Afghanistan. The attack underscores concerns about computer warfare. 'This one was significant; this one got our attention,' said one defense official, speaking on condition of anonymity when discussing internal assessments. Although officials are withholding many details, the attack underscores the increasing danger and potential significance of computer warfare, which defense experts say could one day be used by combatants to undermine even a militarily superior adversary. ... [A defense official said] 'We have taken a number of corrective measures, but I would be overstating it if I said we were through this.'"

13 of 270 comments

  1. Re:KGB or Spotty Teenagers? by Steauengeglase · · Score: 3, Informative

    After all that went down in Georgia, I think it proves that there really isn't that much of a difference between the two.

  2. Re:It isn't just targeting the US. by jimicus · · Score: 2, Informative

    What's the point of putting malware if it won't be run? Or did I miss something, and "autorun" actually works on UMS devices in Windows?

    You did, it does.

  3. Re:Originating in Russian != Russian National by blhack · · Score: 3, Informative

    I'm not sure how things work in Russia (if the state owns the networks or not) but wouldn't it be the ISP or bandwidth provider ignoring this?

    I know, I know, ISPs can't (and shouldn't) be held responsible for this sort of thing, but just jumping at the Russian government because technically the copper (or fiber, or whatever) exists in Russian territory is a little bit silly IMHO.

    Really the only way that we could hold a foreign government responsible for the actions of their citizens on the Internet would be to expect government oversight on all the packets floating around on the networks that exist within their territories. I highly doubt that there are many people on slashdot that would advocate that.
    Really, the Internet needs to exist separately from real-world governments. I know that some are in favor of having no regulatory body of any kind on the networks, but I think things are starting to get out of hand. A government that exists for the internet only is starting to make sense, especially since people who have studied traditional, physical-world-based law generally don't know head from ass when it comes to computer networks.

    --
    NewslilySocial News. No lolcats allowed.
  4. Re:I offer my services by Anonymous Coward · · Score: 1, Informative

    $100/hour to install air-gap firewalls on sensitive/classified networks. (Includes rental of scissors.)

    In little old New Zealand anything classified above commercial-sensitive is not allowed to be on any computer system with a connection to the internet.

  5. Re:tag MICROSOFT + WINDOWS... again n/t by malevolentjelly · · Score: 4, Informative

    They don't use a lot of Windows on internal systems in the DoD. As I'm to understand, they run a lot more Linux and Solaris. In the interests of national security, though, all these systems are too close to make a big difference security-wise.

    They may have different levels of attackability for circumstances relating to casual attacks and casual computer use (this is where we say "is the default linux installation in X version of linux more or less secure than the default windows installation in Y version of windows?") But when these systems have proper internal security policies set up, it doesn't make a huge difference-- when they are well configured, they're functionally the same.

    DoD systems are generally set up so that one is connected to the internal network and one to the external network-- when you want to move a file, you simply use a flash drive. The chances are very good that these are running different operating systems, anyway.

    For a coordinated and advanced attack on our DoD network infrastructure it has less to do with what operating systems we are running, which is really just a question of usability and administration time, but more so broader questions of security policy-- such as where do you get your flash drives?

    In short, if one OS was the issue here, this attack couldn't have gotten anywhere. An OS really doesn't mean much when you compare it to the overall security model for the network infrastructure, especially with the physical network restrictions used by the DoD.

    The biggest difference for the operating systems for their purposes would be more on features like TPM-enabled drive encryption, etc-- things that would make it more difficult to hack a stolen laptop-- stuff like that.

  6. Re:It isn't just targeting the US. by soulsteal · · Score: 2, Informative

    The ban on flash media was to stop the propagation of a Win32 worm that "spreads by creating an AUTORUN.INF file to the root of each drive with the malicious .dll file."

    It was just one of many steps taken to triage infected systems and protect uninfected systems.

    It's possible it was an attempt to breach the DoD networks, but it's just as likely and more plausible that it's just another botnet being created.
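
Added example (not part of the comment above or of the original page): a small Python check a defender could run over the contents of an `AUTORUN.INF` found in a drive root, listing the directives that make Windows launch a program. The sample file contents and the file name `example.dll` are constructed for illustration.

```python
import re

# Keys in the [autorun] section that make Windows launch something.
EXEC_KEYS = ("open", "shellexecute")
SHELL_CMD = re.compile(r"^shell\\[^\\]+\\command$", re.I)
EXEC_EXT = re.compile(r"\.(exe|dll|com|scr|bat|cmd|pif|vbs|js)\b", re.I)


def exec_directives(text):
    """Return [(key, value)] for launch directives in an autorun.inf body.

    Tolerant line parser: a file written by malware may contain junk
    lines that a strict INI parser would reject, so lines that do not
    parse are skipped rather than treated as errors.
    """
    hits, in_autorun = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_autorun or "=" not in line or line.startswith(";"):
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key.lower() in EXEC_KEYS or SHELL_CMD.match(key):
            hits.append((key.lower(), value))
    return hits


def is_suspicious(text):
    """True if any launch directive references an executable-type file."""
    return any(EXEC_EXT.search(value) for _, value in exec_directives(text))


# Constructed samples (not taken from any real malware).
SAMPLE_WORM = """;xkq9 junk padding
[AutoRun]
junk line without equals
open = rundll32.exe .\\example.dll,Start
shell\\open\\command=rundll32.exe .\\example.dll,Start
icon=folder.ico
"""
SAMPLE_BENIGN = "[autorun]\nlabel=Backup Disk\nicon=disk.ico\n"

if __name__ == "__main__":
    print(exec_directives(SAMPLE_WORM))
    print(is_suspicious(SAMPLE_WORM), is_suspicious(SAMPLE_BENIGN))
```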

  7. Re:It isn't just targeting the US. by ptbarnett · · Score: 2, Informative

    What's the point of putting malware if it won't be run? Or did I miss something, and "autorun" actually works on UMS devices in Windows?

    Yes, it does. But, it's relatively easy to disable.

    Use a Microsoft "PowerToys" application to simply disable all drives: Tweak UI. It's only available for XP, at least from Microsoft. There is reportedly a version for Vista from a third-party developer.

  8. Re:Surely the US military is dumb enough.. by hesaigo999ca · · Score: 3, Informative

    Easy to keep the military systems safe, don't plug them into the internet...that way people all the way from Russia won't be able to hack them if there is no access....it would only be something from within, and this we already have a budget for, not need more money for it as a separate expenditure

  9. Re:Surely the US military is dumb enough.. by gwait · · Score: 5, Informative

    Bullshit.
    Those of us outside the feverish and patriotic US Propaganda machine could see that machine heavily at work.

    Yes it was entirely plausible that Saddam had WMD,
    so yes it was expedient to send in inspectors.
    When said inspectors turned up absolutely nothing,
    that wasn't the answer America wanted to hear, since "Something had to be done about 911!".

    The best summary of the Iraq war propaganda machine at work is here:

    http://www.pbs.org/moyers/journal/btw/watch.html

    Why should you care? America is now worse than broke, and you spend trillions blowing up a country for no benefit to that country or to the average US citizen.

    --
    Bavarian Purity Law of Rice Krispie Squares: Rice Krispies, Marshmallows, Butter, Vanilla.
  10. Re:Surely the US military is dumb enough.. by OeLeWaPpErKe · · Score: 4, Informative

    *sigh* this is just so stupid it's hard to decide where to begin, but I'll try:

    When you see an American article, in English, you always see "AP", "AFP" under it. There is a third agency, but its name escapes me for now.

    AP stands for Associated Press, which is not American
    AFP stands for "Agence France-Presse" which is French.

    They cooperate with one another, hardly ever making double coverage, so in practice an article with AP under it might have come from AFP. They both translate those articles in over 30 languages, and give their clients, like CNN, the right to copy them verbatim.

    So 1/3rd (in theory, in practice more) of all the news you see has been collected by French reporters, or at least reporters paid by French people.

    You will find nearly all news duplicated across the Atlantic in practice. Everybody agrees having a singular entity collect all news is a terrible idea. Everybody also agrees that it's cheaper, so it wasn't a contest at all.

    Also keep in mind that e.g. during the Israel-Lebanon (or rather Israel vs Lebanese terrorists that Lebanon couldn't (and can't) deal with, who are therefore in massive violation of just about every international treaty by their existence alone), AFP hired a Hezbollah "kolonel" to collect news for them (he had very good access to the battlefield, you see, and he didn't tell AFP about his position). This is then passed off as "impartial" information.

    But the sad reality is, there isn't any alternative to them.

  11. Re:Surely the US military is dumb enough.. by Xelios · · Score: 3, Informative

    I think Stephen Colbert did a great job of summarizing the propaganda machine behind the Iraq war. You can watch the bit I'm talking about here:

    http://www.youtube.com/watch?v=diEdNgnzR3g

    --
    Murphey's fighting Occam, and we're in the stands.
  12. Re:OS X, or a UNIX? by gatkinso · · Score: 2, Informative

    On a classified system, the entire computer, and anything that touches it (be it media, monitor, printer, or network) is also classified. There can be no instance of one window being classified and the other not: they are both classified at the same level regardless of content.

    You can have an unclassified system running right next to a classified one, but they cannot interact with each other at all.

    --
    I am very small, utmostly microscopic.
  13. Re:Surely the US military is dumb enough.. by chrb · · Score: 2, Informative

    AP stands for Associated Press, which is not American
    AFP stands for "Agence France-Presse" which is French....

    So 1/3rd (in theory, in practice more) of all the news you see has been collected by French reporters, or at least reporters paid by French people.

    Do you really believe that this is true? For a start, the world's largest broadcasting news gathering organisation is the BBC, which is British. Secondly, I was under the impression that U.S. news broadcasters mostly ignore international issues and focus on domestic issues instead. It is unlikely that more than one third of U.S. domestic news is gathered by French men. You may also be interested to learn that the Associated Press (AP) is an American news agency and Reuters Group Limited is a British-based news service.

    As a non-U.S. citizen, the idea that over 1/3rd of U.S. news content is written by the French is an amusing idea - kind of on the same intellectual level as ranting about Freedom Fries and Surrender Monkeys.