Slashdot Mirror

← Back to Stories (view on slashdot.org)

Significant Russian Attack On US Military Networks

Posted by kdawson on from the my-agent.btz-will-call-you dept.

killmofasta notes an LA Times story on a severe and widespread attack on US military computers that may have originated in Russia. Turns out the military's recent ban on flash drives was a precursor to this attack, which was significant enough that the President and the Defense Secretary were briefed on it. "The 'malware' strike, thought to be from inside Russia, hit combat zone computers and the US Central Command overseeing Iraq and Afghanistan. The attack underscores concerns about computer warfare. 'This one was significant; this one got our attention,' said one defense official, speaking on condition of anonymity when discussing internal assessments. Although officials are withholding many details, the attack underscores the increasing danger and potential significance of computer warfare, which defense experts say could one day be used by combatants to undermine even a militarily superior adversary. ... [A defense official said] 'We have taken a number of corrective measures, but I would be overstating it if I said we were through this.'"

7 of 270 comments (clear)

  1. Re:KGB or Spotty Teenagers? by Steauengeglase · · Score: 3, Informative

    After all that went down in Georgia, I think it proves that there really isn't that much of a difference between the two.

  2. Re:Originating in Russian != Russian National by blhack · · Score: 3, Informative

    I'm not sure how things work in Russia (if the state owns the networks or not) but wouldn't it be the ISP or bandwidth provider ignoring this?

    I know, I know, ISPs can't (and shouldn't) be held responsible for this sort of thing, but just jumping at the Russian government because technically the copper(or fiber, or whatever) exists in Russian territory is a little bit silly IMHO.

    Really the only way that we could hold a foreign government responsible for the actions of their citizens on the Internet would be to expect government oversight on all the packets floating around on the networks that exist within their territories. I highly doubt that there are many people on slashdot that would advocate that.
    Really, the Internet needs to exist separately from real-world governments. I know that some are in favor of having no regulatory body of any kind on the networks, but I think things are starting to get out of hand. A government that exists for the internet only is starting to make sense, especially since people who have studied traditional, physical-world-based law have generally don't know head from ass when it comes to computer networks.

    --
    NewslilySocial News. No lolcats allowed.
  3. Re:tag MICROSOFT + WINDOWS... again n/t by malevolentjelly · · Score: 4, Informative

    They don't use a lot of Windows on internal systems in the DoD. As I'm to understand, they run a lot more Linux and Solaris. In the interests of national security, though, all these systems are too close to make a big difference security-wise.

    They may have different levels of attackability for circumstances relating to casual attacks and casual computer use (this is where we say "is the default linux installation in X version of linux more or less secure than the default windows installation in Y version of windows?) But when these systems have proper internal security policies set up, it doesn't make a huge difference-- when they are well configured, they're functionally the same.

    DoD systems are generally set up so that one is connected to the internal network and one to the external network-- when you want to move a file, you simply use a flash drive. The chances are very good that these are running different operating systems, anyway.

    For a coordinated and advanced attack on our DoD network infrastructure it has less to do with what operating systems we are running, which is really just a question of usability and administration time, but moreso broader questions of security policy-- such as where do you get your flash drives?

    In short, if one OS was the issue here, this attack couldn't have gotten anywhere. An OS really doesn't mean much when you compare it to the overall security model for the network infrastructure, especially with the physical network restrictions used by the DoD.

    The biggest difference for the operating systems for their purposes would be more on features like TPM-enabled drive encryption, etc-- things that would make it more difficult to hack a stolen laptop-- stuff like that.

  4. Re:Surely the US military is dumb enough.. by hesaigo999ca · · Score: 3, Informative

    Easy to keep the military systems safe, don't plug them into the internet...that way people all the way from Russia wont be able to hack them if there is no access....it would only be something from within, and this we already have a budget for, not need more money for it as a separate expenditure

  5. Re:Surely the US military is dumb enough.. by gwait · · Score: 5, Informative

    Bullshit.
    Those of us outside the feverish and patriotic US Propaganda machine could see that machine heavily at work.

    Yes it was entirely plausible that Saddam had WMD,
    so yes it was expedient to send in inspectors.
    When said inspectors turned up absolutely nothing,
    that wasn't the answer America wanted to hear, since "Something had to be done about 911!".

    The best summary of the Iraq war propoganda machine at work is here:

    http://www.pbs.org/moyers/journal/btw/watch.html

    Why should you care? America is now worse than broke, and you spend trillions blowing up a country for no benefit to that country or to the average US citizen.

    --
    Bavarian Purity Law of Rice Krispie Squares: Rice Krispies, Marshmallows, Butter, Vanilla.
  6. Re:Surely the US military is dumb enough.. by OeLeWaPpErKe · · Score: 4, Informative

    *sigh* this is just so stupid it's hard to decide where to begin, but I'll try :

    When you see an American article, in English, you always see "AP", "AFP" under it. There is a third agency, but it's name escapes me for now.

    AP stands for associated press, which is not American
    AFP stands for "agence france-presse" which is french.

    They cooperate with one another, hardly ever making double coverage, so in practice an article with AP under it might have come from AFP. They both translate those articles in over 30 languages, and give their clients, like cnn, the right to copy them verbatim.

    So 1/3rd (in theory, in practice more) of all the news you see has been collected by French reporters, or at least reporters paid by french people.

    You will find nearly all news duplicated across the atlantic in practice. Everybody agrees having a singular entity collect all news is a terrible idea. Everybody also agrees that it's cheaper, so it wasn't a contest at all.

    Also keep in mind that e.g. during the Israel-Lebanon (or rather Israel vs Lebanese terrorists that Lebanon couldn't (and can't) deal with, who are therefore in massive violation of just about every international treaty by their existence alone), AFP hired a Hezbollah "kolonel" to collect news for them (he had very good access to the battlefield, you see, and he didn't tell AFP about his position). This is then passed of as "impartial" information.

    But the sad reality is, there isn't any alternative to them.

  7. Re:Surely the US military is dumb enough.. by Xelios · · Score: 3, Informative

    I think Stephen Colbert did a great job of summarizing the propaganda machine behind the Iraq war. You can watch the bit I'm talking about here:

    http://www.youtube.com/watch?v=diEdNgnzR3g

    --
    Murphey's fighting Occam, and we're in the stands.