Slashdot Mirror
Significant Russian Attack On US Military Networks
killmofasta notes an LA Times story on a severe and widespread attack on US military computers that may have originated in Russia. Turns out the military's recent ban on flash drives was a precursor to this attack, which was significant enough that the President and the Defense Secretary were briefed on it. "The 'malware' strike, thought to be from inside Russia, hit combat zone computers and the US Central Command overseeing Iraq and Afghanistan. The attack underscores concerns about computer warfare. 'This one was significant; this one got our attention,' said one defense official, speaking on condition of anonymity when discussing internal assessments. Although officials are withholding many details, the attack underscores the increasing danger and potential significance of computer warfare, which defense experts say could one day be used by combatants to undermine even a militarily superior adversary. ... [A defense official said] 'We have taken a number of corrective measures, but I would be overstating it if I said we were through this.'"
Ban on flash drives ... doesn't seem they came in through the internet.
(btw : of course the military has computers connected directly to the internet. They created the internet. The remaining systems are only sensitive in the economic sense of the word though)
just my 2c
Just remember that just because it originated in Russia does not mean that this was a Russian Government attack (though it could have been known about and ignored by them if it wasn't) - it just happens to have been in Russia - the headline is a little misleading in that sense.
I love the way these things are always spun as if they are significant military attacks coordinate by the foreign government or their agents. Is there any evidence that it isn't just a few bored teenagers who happen to live in Russia and think it would be fun to try and hack the US DOD?
DO NOT connect military affiliated computers to internet, EVER.
dont you already have your on military-net ? run them only on that network.
Read radical news here
The federal government is finally starting to see the fruits of its trifecta of asinine spending policies:
1) Lowest bidder (God forbid we get the best value for the tax dollar, not the cheapest).
2) Standard pay rates that don't take into serious consideration the skills and experience of employees. God forbid we adopt private sector pay policies because that might make us look like we're discriminating if some employees get paid a lot less than others.
3) The fact that it often takes an act of Congress to fire a federal employee.
Like most Northern Virginia-based software engineers, I've worked a federal contract here and there. I've been exposed to incompetence from federal employees that would not be tolerated by almost any corporation. My company actually brought a formal business case for why our government program manager was wrong and her decisions would be a disastrous waste of tax payer money to her bosses. We **pleaded* with them to override her and let our senior engineer do the architecture since she had no idea how to do it.
Guess what? They told us to shut up and get back in line.
There's this myth that the outsourcing of government has ruined the federal government. That's bullshit. Government contractors are often the only people who actually get shit done! We're the ones who actually do much of the heavy lifting because the civil service for so long was allowed to deteriorate into a combination of an affirmative action program and a welfare program for stupid white men.
There are real pockets of genuine competence and intelligence in the federal government, but unfortunately, they're so isolated by the prevailing culture and leadership that it would take a real Leviathan-wrangler at least 2 presidential terms to get any meaningful culling done.
How do we know this attack even happened?
Supreme Commander/General Eisenhower warned us to be wary of the military-industrial complex's desire to create wars just to keep themselves in business, and we already caught them in a recent lie (WMDs in Iraq that never existed). How do we know this "computer war" happened and is not just another made-up story to try to get trillions more dollars & keep the military-industrial companies employed?
I work for these people, and frankly I don't trust them. I'd personally be happy to give up my job in order to bring the Congressional budget into the black & reduce taxpayer burdens, but I know many of my colleagues would not. They want to keep their jobs regardless of cost (or lies).
FOX NEWS.com should be BANNED from television and internet. Have the Congress take it over and give us Truespeak.
These are professional liars, folks! This is a part of the Military disinformation effort - so publicly trumpeted right here on Slashdot - not so long ago.
If there had been any such REAL significance to this 'attack', do you think that it would be published and publicly acknowledged? There are very minor cold-war-era incidents and slip-ups that are still highly-classified, and never acknowledged.
I suppose this to be a non-event of ordinary malware, that is being used to:
1) Shape public opinion and generate suspicion
2) Justify restrictions on the Internet access/speech of military personnel
3) Profit!
Remember: In Soviet America, Military Network Attacks YOU!
"Flyin' in just a sweet place,
Never been known to fail..."
The other side of the coin is like this:
How do we know that it's not retaliation for an attack on Russian computers that originated from US military networks?
When we start hearing news stories about computer attacks from Latvia, Peru, or some small country in the far east perhaps they can be believed. Right now the news is all about attacks from people that the current administration would like to demonize. That makes the believability of these reports a little less than zero IMO. It sounds like pure propaganda at this point. If it is real, it's probably part of a cat/mouse game that we've been playing with them all along. Anyone who has been in the US military knows that we play war games all the time with Russia. Look up news on the USS Augusta, search for news about submarines a week before and after, you'll see that it hit a Russian sub in a bad game of chicken. Why would computer networks be any different? I bet there are teams of IT people that set up honey pot networks just for this kind of war game. It would be stupid to believe otherwise.
Support NYCountryLawyer RIAA vs People
So, the other day, i thought that my girlfriend would like the present i gave her... God was i wrong...
Now they think that the attack comes from Russia... That means they're not sure about it at all, they just got a hunch that the attack is from the Russians, they don't say they got proof or anything, they just say they think it's from there...
However, suspicions of Russian involvement come at an especially delicate time because of sagging relations between Washington and Moscow and growing tension over U.S. plans to develop a missile defense system in Eastern Europe. The two governments also have traded charges of regional meddling after U.S. support for democratic elections in former Soviet states and recent Russian overtures in Latin America.
Just because the relations with the Russians aren't that good doesn't automatically mean they'll attack you in Irak...
For all we know, it could be Irakians who would attack the Americans... Well that would rather be "the Irakians defend themselves by trying to bring the American's computers down"
Reading the article, which has almost no details, I think the LA Times is trying to make news out of nothing. The "senior military leaders" are basically like "senior business executives" who probably have no clue about any actual "attacks". They are just trying to hype up anything they can to increase their budgets.
The actual details they are dealing with is the same as any organization that uses computers and employs people.
No.
Sorry. No.
That's so wrong it's funny. The whole world didn't believe shit about WMDs. Your government made shit up and then our government (UK) got involved because they thought it was politically expedient.
And the Syria thing? Please. Bullshit to justify US actions in light of the complete clusterfuck that the Iraq thing became.
That is the odd thing... you never hear about the huge attacks on the Chinese, Russian, North Korean, etc. But then again, the USG would never do anything unethical or underhanded or hypocritical or .
"Be polite, be professional, but have a plan to kill everybody you meet." General James Mattis
But the whole world believed that Iraq had WMDs
That is so ludicrously wrong you must have been watching american news.
The vast majority of the world did NOT believe that WMD nonsense.
"So 17 UN resolutions referencing WMDs represents what to you, moron?"
History. The Irqi gov't weren't cooperating, but Blix was not convinced they had any WMD when he was pulled out.
"Put the propaganda UK rags down, get some better medications, and go back to middle school and learn something before further poisoning the internet with your ignorance."
Lol. Republitard.
So 17 UN resolutions referencing WMDs represents what to you, moron?
That is the result of the disfunctional and undemocratic security council where the USA has a vetoe.
Don't confuse security council resolutions for something representing world opinion.
It is the general assembly that is democratic and representative, the security council is a private club.
The US military is not stupid, and does take systems security very seriously. What would look like ultra-paranoid behavior to a civilian may well be fully justified in the military world.
The reason is simple: any breach, leak, or DoS can result in somebody being killed, operations foiled, or even wars lost.
Security people have to guard against known threats and techniques, which are very challenging, plus unknown ones that nobody has even thought to consider. Being able to trust the technology that they are using is a very important element in managing that security.
All systems are somewhat sensitive, given that even non-sensitive tidbits of information can be assembled together to give a pretty good picture of very sensitive activities if enough of them are available.
For example, a point of sale system in a military base's dining facility could be tapped to give a count of meals served per day. If an adversary sees a sudden drop or increase, they know that SOMETHING is going on. Combine that with changes at other bases and a picture of force distribution begins to emerge that then guides the adversary where to plan to deploy their forces to defend or attack.
I can see why there is a need to avoid the use of any removable media, even on non-sensitive systems. Just a few pieces of malware or compromised hardware can result in leaking enough unclassified "factoids" to compromise the secrecy and security of important operations.
Hardware is especially troublesome from a security standpoint. It does not need operating system permission to access memory, and can sit silently in place until activated. One innocuous-looking IC can easily contain a hidden microcontroller that has full DMA capabilities, and there's no way - short of physically mapping out every transistor in every chip in the device - to even know whether or not they exist.
I'd be paranoid too if military systems security was part of my job.
I don't trust any upper-level manager in any industry, but especially not in DoD contracting, and I certainly don't trust DoD civilians to be honest or competent.
This is taking place during the transition between Administrations, so someone at the DoD hierarchy wants to make a show about how they are "protecting America" when everyone in the commercial sector dealt with the agent.btz trojan quietly months ago.
In the land of the blind, the one-eyed man is usually crucified.
That is the result of the disfunctional and undemocratic security council where the USA has a vetoe.
Don't confuse security council resolutions for something representing world opinion.
Except when they agree with you presumably, like just before the war.
echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
You must live in a parallel universe!
There are so many mainstream sources around UNSCOM and the IAEA that have come forward since the Iraq war that the truth is no longer in question. It goes like this:
Firstly, the Iraqi military and economy had been smashed by the first gulf war and subsequent sanctions.
Secondly, Hussein and the rest weren't stupid and clearly knew the US government, public and media were all baying for war.
Thirdly, the UNSCOM inspections were very thorough and even well funded and equipped (largely by the US taxpayer) and had a great deal of success in pressurizing the Iraqi regime into getting rid of what it had left, which in any case wasn't much because it was all so old. Dozens of Iraqi army officers defected through Syria or Jordan and confirmed the story.
Because of all this, successive administrations tried and failed to find a pretext to war. Parent is entirely correct - it's the defense industry wanting cash and the government finding any excuse to pump tax dollars to their well-to-do pals. It's good for the economy, according to the politicians.
What helped most of all to tip the balance in favour of war was when someone or other (probably the CIA) forged a now infamous document purporting to show the sale of yellow-cake uranium by Niger to Iraq. It was by all accounts a hilariously bad forgery and contained many, many obvious errors that clearly showed it could not be genuine. However, the White House released it to the media as genuine, who immediately, without checking it, presented it as causus belli to the trusting public. By the time the IAEA's Mohammed El Baradei announced a couple of days later that it was utterly false, it was too late. Not that the same, supposedly liberal media made a big deal of that.
That, my friend, is how rich, powerful people can manipulate the public into doing whatever they see as necessary, even when it calls for the deaths of hundreds of thousands of normal, working class people on all sides.
You thought you could break the laws of physics without paying the PRICE?
...experts have not pinpointed the source or motive of the attack and could not say whether the destructive program was created by an individual hacker or whether the Russian government may have had some involvement.
Classic propoganda.
Shame on Julian Barnes of the LA Times and the unnamed senior military leaders.
The whole point of the inspections was to make positively sure that Saddam didn't have any. I'm assuming you agree that's better than thinking he probably-maybe-not-sure doesn't then finding out that you're wrong, in the form of a big fireball over some city?
Answer this, if he didn't have any and wasn't in the process of making any, why was he so keen to get rid of the inspectors?
Everybody who says he didn't have WMD (on the basis of what we know now) is just a Monday morning quarterback. Hindsight is always 20-20.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
well the simplest solution is to look at non US news sources. frequently the BBC posts stories about US military hours before american news outlets do. Pull your head out of your arse, and look at some else's news for a while. France while a some what ally will publish news that American news outlets won't as they are considered "sensitive" or not news worthy(read latest actress scandal is more important).
i thought once I was found, but it was only a dream.
When you see an American article, in English, you always see "AP", "AFP" under it. There is a third agency, but it's name escapes me for now.
Reuters
You are still innocent until proven guilty. What's changed is what they do to innocent people. - notnAP, #26891325
Yes lets forget about the Russia's recent aggression into Georgia
Lets also pretend Russia isn't going to finish building Irans first nuclear plant in 2009
Lets not acknowledge that Medvedev just signed a nuclear deal with Venezuela
Lets forget all the recent _obvious_ Russian aggression against the United States and just skip to the part where you make up facts out of thin air about the US attacking Russian computers. Then lets take this big steamy pile of B.s. and mod it plus 5 cause its anti-american and on slashdot.
It's obvious Russia wants war. They are doing everything they can to provoke the united states in hopes the US will be seen as the aggressor. The world doesn't seem to care Russia is trying to provoke a world war. You can say the US provoked the war with Iraq i suppose but its alittle late for that and has nothing to do with Russia. Iraq and the US have already reached an agreement and they seem fine. Its too late to jump in on their behalf talking of an unjust war when they're signing agreements saying when its okay to be there, and when its time to leave. So I say this Russia thing is a separate issue. they're on a hunt for power and they see the US as weak right now. Now is the time for them to assert themselves. We all know this is whats happening im just concerned why nobody in the world has a problem with another cold war. I guess hate for the US is so high they'd like to see it.
Its good to be skeptical of the US's claims on attacks but you gotta admit if you're a logical person this fits right in line with what Russia has been doing the last several months.
-- "of course thats just my opinion, I could be wrong." --Dennis Miller
Well, since your handle is 'Pros_n_Cons' perhaps we should revisit the news:
Georgia started the strife with Russia - not the other way around.
Russia has been trying to get in on Iranian nuclear power to sell them stuff for a long time. The politics of the middle east is complex enough that no slashdot post will explain it all. Russia still needs warm water ports. Iran is a strategically valid place for them. Russia actually offered to help settle the sabre rattling over nuclear power in Iran by assisting with running the program. If you were to sit and look at America the way that the rest of the world has to, what Russia has done is not all that out of line.
One reason that people found a fondness for the cold war between Russia and the US is because it managed to keep a lid on the nuclear arms problem. With too many wild cards in the game, the game gets that much more difficult to play without losing.
uhmmmm, yeah, Iraq had to work pretty hard at that, didn't they?
Demonizing Russia or any other country is nothing more than propaganda. period. Propaganda that the world, specifically the US, does not need now, or ever.
Support NYCountryLawyer RIAA vs People
a few years back when the american Sub hit a japanese fishing trawler, I heard about it from the BBC 3 hours earlier than CNN, FOX, or NBC began to air what happened.
the AP had it but it wasn't news worthy for hours afterwards. I didn't say other news sources wouldn't be biased as well, but if you want to know what is happening in the USA try an external news source first.
Another point the hotel shooting in India. the USA news sources are focusing 90% of their coverage on the 3 americans inside, more or else ignoring the other hundreds of people wounded.
I am smart enough to understand that french and british news are also biased towards their own people. You can learn quite a bit by keeping an open mind.
i thought once I was found, but it was only a dream.