Pentagon Discloses Network Breach By Russian Hackers
An anonymous reader writes: The Pentagon has disclosed that Russian hackers were able to breach one of its secure networks earlier this year, and referred to the attack as a "worrisome" incident. "Earlier this year, the sensors that guard DOD's unclassified networks detected Russian hackers accessing one of our networks," said defense secretary Ash Carter yesterday during a speech at Stanford University. Carter warned Russia that the U.S. Department of Defense would retaliate with cyber campaigns should it see fit. "Adversaries should know that our preference for deterrence and our defensive posture don't diminish our willingness to use cyber options if necessary," said Carter. He added in a prepared statement that the Russian hackers had been able to gain access to an "unclassified network" but had been "quickly identified" by a team of cyberattack experts who managed to block the hackers "within 24 hours." The cybersecurity response team had quickly analyzed the hack patterns and code and identified the intruders as Russian, before "kicking them off the network."
Apparently their definition of "secure network" is different from what I thought it was.
Another 10 billion dollars.
The point of the article is not the Pentagon saying that they need more money to thwart future attacks. It is to let people know that attacks like this do occur and are being handled swiftly.
"Maybe this world is another planet's hell"
Aldous Huxley
If you're know they're in, wouldn't it be better to turn the "breach" into a honeypot?
Let them into a secured system which looks useful, but in reality feeds them bad data.
Sounds like an R-rated 1990s film.
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
Russian hackers: we've successfully infiltrated the pentagons secret networks and have accessed their innermost classified projects. With this information we can plan accordingly our first strikes, retaliatory actions, and offensive as well as defensive capabilities in response to the scourge of american aggression
Russian political scientists: We've successfully modelled American capitalism over the last 40 years and have concluded that following two failed wars, two government shutdowns, rampant unemployment, gridlocked congress and senate, unsustainable student loan markets, widespread racism and fascism in local law enforcement, unfunded social security and public highways fund and an unchecked unenforceable labor and investment sector the united states will itself collapse into Mad Max style ruin after about 15 years.
Kremlin: Then it is decided. Cancel our hacking teams budget, slash defense, and clear my schedule for the next decade. Oh and get some popcorn.
Good people go to bed earlier.
Carter cited the newly declassified incident during an address at Stanford University, in which he also warned the Pentagon was ready to help defend America's networks and to use cyber weaponry, if needed.
so instead of hoarding exploits you are going to patch them? or will you hold companies liable for poorly written software? or maybe require CS students learn how to write secure software? or publish a free OS that is secure by default?
the Department of Defense was previously named the Department of War for a good reason.
Anons need not reply. Questions end with a question mark.
Rocky: "Hey, what's the meaning of this?"
Agent: "Military intelligence. That phrase mean anything to you?"
Rocky: "It sounds like a contradiction of terms."
Political correctness is really just herd psychology pushed by insecure people who desperately seek social conformity.
The fact that my network is seeing a 10 fold increased attacks from Russian IP's over the past 2-3 years is enough to lead me to believe what's being said here is true. Still doesn't beat China but Russia is very quickly gaining ground.
It is to let people know that attacks like this do occur and are being handled swiftly.
In this cases handled swiftly measured in seconds, when it is measured in days it means that attackers had a chance to upload everything they had access to.
Come on, so tell us (small US biz) how we can also prevent these attacks. Between virus (expensive to clean up) and anti-virus (expensive to buy), small biz in the US are under a lot of pressure.
The U.S. Joint Cyber-Security Cyber-warfare Cyber Task Force Command Center recommends the following action:
Unplug your computer.
The fact that my network is seeing a 10 fold increased attacks from Russian IP's over the past 2-3 years is enough to lead me to believe what's being said here is true. Still doesn't beat China but Russia is very quickly gaining ground.
And how, exactly, those "attacks" look like?
...attacks from Russian IP's...
One should realize that there are a lot "pirated" Windows OS installations in Russia. I would guess more than 90%.
These PCs do not have Windows Update, since the OS is not authentic. And consequently hoards of different viruses, trojans and bot-networks run on them. The masters of these malicious networks could mount cyber activity from the IPs' of unsuspecting owners.
I would advise a Pentagon delegation to visit a Russian megalopolis for a cultural exchange trip and learn the real situation on the ground, before retaliating with cyber campaigns on poor people.
Sorry, but the Soviet Gulag found you.
And it's great that you finally came out of the closet. Now we all know, for sure, that Anonymous Coward is gay. Sure, we all just assumed it was true all along, but now we know.
Sleep your way to a whiter smile...date a dentist!
... is the root of all solutions.
It little behooves the best of us to comment on the rest of us.
Yeah, and to let people know the US has a magical purple unicorn which can pinpoint the country of origin of a 50-deep proxy chain cyber attack on a world map. F34r.
Well ok, in reality, there sure can be various signs of the origin of a complex attack, there can be indications because of the specificity of the target, there can be some level of tracking through at least international sea optical fiber cables and satellites, US-intelligence-friendly countries, honey pot/controlled proxies/Tor nodes, inside knowledge from moles, and general spying activities... But when a country publicly accuses another of a cyber attack, whatever the facts, you can be certain it's mostly just PR, provocation, and budget 'justification'/seeking...
Trademark of USG.
"Carter said that sensors guarding the Pentagon's unclassified networks detected the intrusion by Russian hackers, who discovered an old vulnerability that had not been patched."
Maybe they were looking for evidence of the UFO coverup and the intrusion consisted of logging into a passwordless WindowsNT box. ref
"On Thursday, Carter stressed the U.S. military needed closer cooperation with California's Silicon Valley, particularly after high-profile attacks on companies like Sony Pictures Entertainment."
How is putting backdoors into 'computers' going to make them more secure from hacking?
Yawn, Pentagon gets hacked regularly I'm sure. This isn't news - it's been made news because some bigwig wants to demonise Russia, hence scary Russian hackers story.
NSA, CIA of course never hack anybody.
Waterfox - a Firefox fork with legacy extension support, security updates and better privacy by default.
Yes, "Quickly identified" "Within 24 hours" I love that.
I art more snarky, and terse than thou. I art Slashdot!
One should realize that there are a lot "pirated" Windows OS installations in Russia. I would guess more than 90%.
Every pirated version of windows I have used, including the one I'm using right this second, has been getting updates from MS.
This may have an appearance of being updated. But by what and by whom? It is obvious that if a "Windows OS" costs USD 0.- it is not the Windows as we know it.
The fact that I can see what host and IPs it's connecting to and downloading the patch files (which are all owned by MS) tells me they are legit.