Significant Russian Attack On US Military Networks

killmofasta notes an LA Times story on a severe and widespread attack on US military computers that may have originated in Russia. Turns out the military's recent ban on flash drives was a precursor to this attack, which was significant enough that the President and the Defense Secretary were briefed on it. "The 'malware' strike, thought to be from inside Russia, hit combat zone computers and the US Central Command overseeing Iraq and Afghanistan. The attack underscores concerns about computer warfare. 'This one was significant; this one got our attention,' said one defense official, speaking on condition of anonymity when discussing internal assessments. Although officials are withholding many details, the attack underscores the increasing danger and potential significance of computer warfare, which defense experts say could one day be used by combatants to undermine even a militarily superior adversary. ... [A defense official said] 'We have taken a number of corrective measures, but I would be overstating it if I said we were through this.'"

Surely the US military is dumb enough..

[Viol8]

... to have sensitive systems directly connected to the internet?

Oh , wait...

Re:Surely the US military is dumb enough..

[zappepcs]

The other side of the coin is like this:

How do we know that it's not retaliation for an attack on Russian computers that originated from US military networks?

When we start hearing news stories about computer attacks from Latvia, Peru, or some small country in the far east perhaps they can be believed. Right now the news is all about attacks from people that the current administration would like to demonize. That makes the believability of these reports a little less than zero IMO. It sounds like pure propaganda at this point. If it is real, it's probably part of a cat/mouse game that we've been playing with them all along. Anyone who has been in the US military knows that we play war games all the time with Russia. Look up news on the USS Augusta, search for news about submarines a week before and after, you'll see that it hit a Russian sub in a bad game of chicken. Why would computer networks be any different? I bet there are teams of IT people that set up honey pot networks just for this kind of war game. It would be stupid to believe otherwise.

Re:Surely the US military is dumb enough..

[gwait]

Bullshit.
Those of us outside the feverish and patriotic US Propaganda machine could see that machine heavily at work.

Yes it was entirely plausible that Saddam had WMD,
so yes it was expedient to send in inspectors.
When said inspectors turned up absolutely nothing,
that wasn't the answer America wanted to hear, since "Something had to be done about 911!".

The best summary of the Iraq war propoganda machine at work is here:

http://www.pbs.org/moyers/journal/btw/watch.html

Why should you care? America is now worse than broke, and you spend trillions blowing up a country for no benefit to that country or to the average US citizen.

Re:Oblig Windows jab

[pubjames]

Actually it was britneynude.exe

It isn't just targeting the US.

Anonymous coward here, for a reason etc.

I work with the USAF in a very official capacity in IT and got wind of the flash media ban a while back.

I've been asked to keep quiet about this, but since it isn't classified, and nobody takes slashdot seriously, take this for what it is worth:

We stopped using all flash media on all networks because we can no longer be confident that they do not come from the factory with payloads attached. I've seen entire boxes of flash media from the "amnesty boxes" set up inside USAF buildings sent off to NSA and FBI for investigation.

There are some who think that manufacturers have been infiltrated with the sole purpose of loading malware onto drives. And it isn't that it's specifically an attack on US Gov. computers - it's just that Gov. networks tend to be pretty incestuous, and flash drives are often moved back and forth between multiple computers daily by most users due to the flakiness of CAC (common access card) infrastructure.

So beware.

Good old federal government...

The federal government is finally starting to see the fruits of its trifecta of asinine spending policies:

1) Lowest bidder (God forbid we get the best value for the tax dollar, not the cheapest).
2) Standard pay rates that don't take into serious consideration the skills and experience of employees. God forbid we adopt private sector pay policies because that might make us look like we're discriminating if some employees get paid a lot less than others.
3) The fact that it often takes an act of Congress to fire a federal employee.

Like most Northern Virginia-based software engineers, I've worked a federal contract here and there. I've been exposed to incompetence from federal employees that would not be tolerated by almost any corporation. My company actually brought a formal business case for why our government program manager was wrong and her decisions would be a disastrous waste of tax payer money to her bosses. We **pleaded* with them to override her and let our senior engineer do the architecture since she had no idea how to do it.

Guess what? They told us to shut up and get back in line.

There's this myth that the outsourcing of government has ruined the federal government. That's bullshit. Government contractors are often the only people who actually get shit done! We're the ones who actually do much of the heavy lifting because the civil service for so long was allowed to deteriorate into a combination of an affirmative action program and a welfare program for stupid white men.

There are real pockets of genuine competence and intelligence in the federal government, but unfortunately, they're so isolated by the prevailing culture and leadership that it would take a real Leviathan-wrangler at least 2 presidential terms to get any meaningful culling done.

The Americans Should Learn From The Brits

The British Intelligence have learnt how to avoid infecting their systems with infected flash drives. They leave them on the train where they can't do any harm.

Re:KGB or Spotty Teenagers?

[Kent+Recal]

It probably is some windows worm or something written by a script-kiddie. But to admit that would be to embarrassing, so they make it out to be a big deal.

It is exactly this vain "cover-my-ass" attitude that makes situations escalate, sometimes up to the point of war. I understand that a bunch of old farts in DoD feel a strong need to justify (or increase) their Cyberwarfare budgets but pointing fingers at an allied country (relations with which are not always easy) in public over a non-issue like this is, imho, going way too far.

Network security by isolation of the critical parts is possible and this whole "cyberwarfare"-bullshit is just driving tears into the eyes of anyone who knows a bit about the subject.
Yes, an attacker could overload and DoS less important/perimeter networks and yes an attacker may able to overtake various individual machines or department networks, e.g. by sneaking trojans onto employee's computers, phishing etc.

If any of that worries you in a national-security kind of way then do your fucking homework and implement appropiate security layers and airgaps already!
A flash trojan is a non-issue because a critical system won't run flash. In fact, a critical system won't even interface with a system that could be taken over in such a way.

Re:I offer my services

[onkelonkel]

You work for cheap. Ask for $225/hr and then offer a "preferred services provider" agreement where they can get you for $195 if they guarantee a minimum of 1000 hours.

"We have always been at war with East Asia"

[leoofborg]

Sorry, couldn't resist.

Also, the CBC [Canadians] are running sensationalist crud on their TV.

Most irritating soundbite from a DHS 'expert':

"Digital Pearl Harbor"

I think they must have run the same quote 3-4 times.

Me? I think the military / DoD is begging for $$$ as usual. What? We didn't bail out the military? Shame!

Re:Oblig Windows jab

[orielbean]

Pre or post exploitation?