Significant Russian Attack On US Military Networks

killmofasta notes an LA Times story on a severe and widespread attack on US military computers that may have originated in Russia. Turns out the military's recent ban on flash drives was a precursor to this attack, which was significant enough that the President and the Defense Secretary were briefed on it. "The 'malware' strike, thought to be from inside Russia, hit combat zone computers and the US Central Command overseeing Iraq and Afghanistan. The attack underscores concerns about computer warfare. 'This one was significant; this one got our attention,' said one defense official, speaking on condition of anonymity when discussing internal assessments. Although officials are withholding many details, the attack underscores the increasing danger and potential significance of computer warfare, which defense experts say could one day be used by combatants to undermine even a militarily superior adversary. ... [A defense official said] 'We have taken a number of corrective measures, but I would be overstating it if I said we were through this.'"

It isn't just targeting the US.

Anonymous coward here, for a reason etc.

I work with the USAF in a very official capacity in IT and got wind of the flash media ban a while back.

I've been asked to keep quiet about this, but since it isn't classified, and nobody takes slashdot seriously, take this for what it is worth:

We stopped using all flash media on all networks because we can no longer be confident that they do not come from the factory with payloads attached. I've seen entire boxes of flash media from the "amnesty boxes" set up inside USAF buildings sent off to NSA and FBI for investigation.

There are some who think that manufacturers have been infiltrated with the sole purpose of loading malware onto drives. And it isn't that it's specifically an attack on US Gov. computers - it's just that Gov. networks tend to be pretty incestuous, and flash drives are often moved back and forth between multiple computers daily by most users due to the flakiness of CAC (common access card) infrastructure.

So beware.

Re:KGB or Spotty Teenagers?

[Xest]

To be fair, it's not like when the US reports these attacks to China/Russia they do anything about them to suggest you might be right though.

It's the same with the whole Litvinenko thing here in the UK, we know where the Polonium came from (a Russian lab) we even pretty much know Lugovoi did it but as they wont help whatsoever to put him to trial and have instead put him into their parliament in a position of power it's kind of hard to give them the benefit of the doubt.

Maybe if they actually helped bring these perpetrators to justice we could give them the benefit of the doubt as you suggest, but when they instead protect the almost certainly guilt with no real trial or investigation then it only adds to the idea that the governments of these nations themselves are in fact responsible.

If a bunch of Canadians crossed the US border and attacked the US and then made it back to Canada safely and the Canadian government did nothing about it or even went as far as giving these people places in government as per the Luogovoi/Litvinenko affair then yeah I think most people would still say the Canadian government deserves a lot of the blame.

Don't get me wrong however, I do feel these "cyber attacks" are a little overstated, I hate to say it but it's becoming so common when I read about them I can't help but think "Who cares, stop moaning and either return the favour or learn from it and stop it happening again". As is pointed out here on Slashdot often though, they don't seem to learn from their mistakes and instead simply repeat them over and over. I'm not sure what the US government is trying to achieve with these cries? Trying to make us hate Russia/China? Don't worry their human rights record means a lot of us already do. Trying to get sympathy? Well what for? You're the military, you're the ones who are meant to be dealing with it and so on.

Or in other words, to put it simply- they're all just as bad as each other.

Re:KGB or Spotty Teenagers?

[Kent+Recal]

It probably is some windows worm or something written by a script-kiddie. But to admit that would be to embarrassing, so they make it out to be a big deal.

It is exactly this vain "cover-my-ass" attitude that makes situations escalate, sometimes up to the point of war. I understand that a bunch of old farts in DoD feel a strong need to justify (or increase) their Cyberwarfare budgets but pointing fingers at an allied country (relations with which are not always easy) in public over a non-issue like this is, imho, going way too far.

Network security by isolation of the critical parts is possible and this whole "cyberwarfare"-bullshit is just driving tears into the eyes of anyone who knows a bit about the subject.
Yes, an attacker could overload and DoS less important/perimeter networks and yes an attacker may able to overtake various individual machines or department networks, e.g. by sneaking trojans onto employee's computers, phishing etc.

If any of that worries you in a national-security kind of way then do your fucking homework and implement appropiate security layers and airgaps already!
A flash trojan is a non-issue because a critical system won't run flash. In fact, a critical system won't even interface with a system that could be taken over in such a way.

"We have always been at war with East Asia"

[leoofborg]

Sorry, couldn't resist.

Also, the CBC [Canadians] are running sensationalist crud on their TV.

Most irritating soundbite from a DHS 'expert':

"Digital Pearl Harbor"

I think they must have run the same quote 3-4 times.

Me? I think the military / DoD is begging for $$$ as usual. What? We didn't bail out the military? Shame!

Re:Surely the US military is dumb enough..

[Sloppy]

How do we know that it's not retaliation for an attack on Russian computers that originated from US military networks?

I'm not sure it matters. Whether US military computers were choosing to load and execute foreign code as a result of a foreign first strike, or a foreign counter-attack, we still have the situation that US military computers are loading and executing untrusted code, and apparently unsandboxed, so that it ended up mattering.

I don't care why it happened at the political level; I care about why it's happening at the computer or operator level. People using "important" computers shouldn't be doing that, nor should their computers be making it easy for them to do that.

No matter why the military computers were attacked, the fact that the attack worked proves incompetence.

Re:Surely the US military is dumb enough..

[lysergic.acid]

while i don't doubt that electronic warfare is being actively developed by other nations (i'm sure the U.S. armed forces aren't the only military interested in, or actively developing, electronic warfare tactics), i wouldn't put it past the MIC to exaggerate the risk of electronic attacks in order to manipulate the public. it certainly wouldn't be the first time the public was mislead about our nation's defense in order to funnel tax dollars into unnecessary defense projects. and now with war logistics being an more lucrative than ever through the Logistics Civil Augmentation Program (LOGCAP) and its cost-plus award-fee contracts, even more more private sector companies have a vested interest in seeing a renewed Cold-War-type international tension and corresponding military spending.

it's just too bad Americans never heeded Eisenhower's farewell address. of course, if more people working in the defense industry were truly patriotic, they'd all be as morally enlightened as you, and the MIC wouldn't exist.