Slashdot Mirror
Russians Crack US Department of Defense Computers
iCEBaLM writes "According to this Excite article, attackers who stole sensitive defense and technical research documents from US Defence Department computers were traced back to the Russian Academy of Sciences, [which is] government funded and has ties to the Russian Millitary. It seems it doesn't stop there and that attacks from Russia are quite widespread against US government and corporate sites. From Russia with Love." No! No! It's state-sponsored Cyberterrorism! [ M.S. : I want to remind readers that there's some serious doubt that these attacks actually exist - see George Smith's Electronic Pearl Harbor for more information.]
Routing can be spoofed, after all. And because the school has ties to Russia's military, it doesn't mean the cracks (if they really happened) were driven by military forces. It could just be college CS students on the rampage, happens all the time.
I just think people need to be careful (especially with the press and its tendencies to blow up "cyberterrorism"/defacement stories) that they don't blow things out of proportion.
You mean, there are actually people in Russia trying to hack into US computers? I knew it! They must be in league with the kid from Spain that just portscanned my box.
And all this time, I thought that hackers were just kids in suburban US basements...
for classified information specifies that
there is no internet connectivity on
computers having classified data on them.
--
Insanity Takes Its Toll. Please Have Exact Change
Care about electronic freedom? Consider donating to the EFF!
-- $SIGNATURE
Their department of science is no match for our thousands of annoying Script Kiddies! It's time to organize these young punks and get more strategic with packet flooding!
I haven't read the articles too closely yet but I wonder how reliably they tracked them.
After all pretty much any hacker raised durring the cold war period would love to make it look like they were coming from Russia. Soon as the trackers got that far you'd hope their just going to jump on it! Of course now we've got better targets to hide behind but someone from the proper time period with the right mindset....
--- Juggle juggle@hitesman.com
Really, do you think the military is going to admit, or even imply, that sensitive data had been hacked into unless they had to? We'd never learn of military hacks were it not for the changing of websites which many crackers and kiddiez undertake for the sake of bragging rights. Odds are, this is a ruse to get more cyber funding. After all, the military wants to move to Mac OS X servers since they don't give remote shells at all, so what better way to get the money to do it than by talking of some overplayed Russian crack? Probably a few minor hacks at most, with no real sensitive stuff even gotten near to. Again, they wouldn't pony up publicly unless they wanted to get something out of it which is more valuable than their reputation for security--i.e., funding to buy those Macs they want. Seems obvious to me...
Russia is collapsing. It seems obvious to me that this claim is yet another childish stunt to keep Russia in the world's eye as a powerful (might I say...SUPERpowerful?) force. Remember when they jumped the gun on the the other UN forces and rolled into Yugoslavia? This inane war with Chechnya (sp!)? It smacks of desperation ...which says a lot considering that Russia is still a powerful country.
Blar.
Even if the Russian Governmant is responsible for the attack, what is the surprise? Governments are constantly spying on each other, and no doubt the U.S. has made attacks on Russian systems, just because WE didn't hear about it doesn't mean it didn't happen. A case in point is the U.S. distribution of Japanese and German cryptographic techniques which they had cracked to their allies so that they could have almost instant access to sensitive data, despite their supposed affiliation with these nations. Why would that change now?
Don't I remember seeing an article on /. or HNN a while ago about the FBI/CIA/some-other-bastards recruting script kiddies? Heh, our military is so lame they have to get their electronic defense from AOL... Not really an AC, -Ldh
Does anyone actually beLIEve anything the FBI says? Anyway, the article says that nothing but unclassified information was gathered, so whoopdy-do. Classified information isn't even accessible in this manner. It's not like they're READING ALL OF THE GOVERNMENT'S MAIL or something. ECHELON
Probably invented by government agents who don't want to get downsized like the military.
The difference between the US and Russian government would never let a story like this leak to the press. Maybe it is just hubris,but I was would be extremely suprised if we (the US) were not keeping close tabs on Russian government servers.
Spencer Ogden
...why go thru the trouble of hacking into something over rather congested, and obviously monitored Russia external INternet links? When any of this scientists can get a perfecctly legal visa to US, rent a house, buy a T1 and hack 24/7..
It was just a bored sysadmin in one of this intitutions, or a student from Moscow State CS who used to held speed hacking and protection breaking contests...
<^>_<(ô ô)>_<^>
How interesting. Assuming the ultimate source of this information is reliable, that's the second widely-publicized cyberspy vs. cyberspy incident I've heard of this week.
Doubtless, this is just the tip of the iceberg. Russia cracks the U.S., U.S. cracks Australia... Does Australia crack Russia? Maybe.
Is there a war going on or something?
-W-
-W-
Is it all journey, or is there landfall?
--Ellison & van Vogt, 'The Human Operators'
If the government wants to seriously confront the problem of foreign intrusion into critical systems, then it should forthwith remove all restrictions on strong data encryption. Strong encryption and secure communication protocols are the only defense against this kind of invasion.
Honesty. Loyalty. Kindness. Laughter. Generosity. Magic!
the article said that the documents were not classified but still sensitive. it seems to me that if you had documents you didn't want people to get classified or otherwise, you wouldn't put them in places where they could be got. they should be on a computer not connected to a network or the DOD should get a better network security team. Andrew
Fresh from the US Patent Office, more of everyone's favorite pastime, "It's Net So It's New!"
Espionage is espionage. Major world superpowers spy on eachother. It's part of the structure of things--a presumption of visibility or "Sunshine" has a way of keeping governmental structures honest.
OK, honest isn't particularly the best of words. The US constitution is based on the concept that no one power structure can be fully trusted, so it places multiple power structures in opposition and dependance upon eachother, on the assumption that the intrinsic weaknesses in one will be balanced by the greed of another.
Heh, it makes about as much sense as Mutually Assured Destruction, but we did manage to make it through the Cold War without any (public) nuclear incidents. There's something amazing in that.
Anyway, if our country is based on the concept of multiple untrustable bodies balancing eachother, geopolitical stability as a whole is probably achieved by multiple untrustable nations spying on eachother, monitoring the behaviors of one another. The war wasn't that cold--just silenced.
Don't be surprised that there are spies online. Spies read newspapers. The NSA auto-downloads a number of sites on a daily basis(so said some guy who runs one of those sites). It's an "Open Source", as they call it. Extending the fact that they use open sources to the fact that they hack in a closed manner isn't ridiculous, or different.
It's standard operating procedure. If the spies weren't using the net, the intelligence level of the intelligence community would be rather suspect.
Are there differences? Yes. For one, the lack of a need for a physical presence at a compromised site--no moles, no informants--is disturbingly efficient. A report of an entire site compromising attack--Linux Kernel Module, uploading to some Australian Samba dropsite, slapped off a compromised Teraterm Pro SSH patch--that took eight seconds to go from full security to zero...the ease of this, compared to the espionage architectures of old, does have an impact.
What were you looking for? An easy answer?
Yours Truly,
Dan Kaminsky
Cisco Systems, NSA Division
http://www.doxpara.com
From my relatively limited perspective it seems like computer-related crime is treated relatively lightly in DC. Nothing much happened to the guy who was violating security regarding information and alledgedly giving it to the Chinese, did it? Even if they've found the Russians, groups with better technology and techniques could have the potential to do bad stuff and are waiting for an opportune time, or worse, they're doing stuff now, but we aren't seeing them.
What are the tech-related issues currently under debate? Who's supporting what? Anybody know?
I know DIA doesn't have their computers connected to the web. And they are connected to CIA, NSA, the Pentagon and bunch of other places. Of course they is a lot of stuff put out on the web which by itself isnt classified but when used together it is. Too bad DIA runs NT, they never get anything done.
sidenote:
The melissa virus actually got onto some DIA computers because someone brought a disk from that was infected, which they arent suppose to do.
And no I don't work for DIA, I just know someone who does.
I thought the rule was "don't put anything on the net unless you want the whole world to see it".
I worked for a defense contractor a while and it is true--none of the computers inside a secure area are connected to anything outside the closed and encrypted DoD network. We had to go physically outside the secure area to access the net via separate computers.
Stories like these make for great press, but the only way they are going to get any secret info out of secure defense or intelligence agency is if someone placed the info on a computer outside the internal network. And this is a federal offense!
So, you got it right. Russia is freaked out over what the U.S. might have in its underwear, and the U.S. is freaked out over what Australia might have in its underwear, and Australia is freaked ... and etc etc and around it goes. Seems like entropy is, like slavery, a comes-around goes-around kind of thing. Not good.
My dread is that we are entering into an increasingly entropic situation. Look at our bombing of Kosovo, civilian targets hit: 14 schools, 3 hospitals, and all roads and bridges. mil targets hit:9 tanks period. No aircraft, no runways, etc. (The Yogo's built their military airports underground - yes they fly into and out of caves!) No anti-aircraft radar. Just entropic civilian and infrastructure bombing, while leaving the military in tact. Historically this kind of economic pessimism leads to threat of banking collapse, which is then averted (cleaned up) by war.
Read The Cuckoo's Egg. Same story. Except the attackers were located in Germany. But I believe that they were being payed by the Soviet government.
God does not play dice - Einstein
Not only does God play dice, he sometimes throws them where they
Someone tries to break into the ASX (and fails mind you), they track it down to a US mil base, and it's a spoofed IP or some other crap.
Someone tries to get into a American box (and gets IN), they track it down to a Russian IP, and all of a sudden it's the return of the cold war.
Get a fucking grip, your doing it to us, were doing it to you, the bottom line is this shit is going on daily. If the Americans are too stuped to build a secure network, and not smart enough to break into a privatly run network (ASX) and not get busted, maybe they should stop trying to play these games.
funny that this same government the fbi says may be sponsoring cyberterrorism is the same one that cant even afford to pay the soldiers guarding its nuclear arsenal. or the scientists that developed its chemical and biological weapons (and are being heavily recruited by the US and Iran).
does anyone else find the link to state-sponsorship just a *little* tenuous? as if the more likely possibility isnt a student or group of students with a little too much free time on their hands?
and besides, if the US is really stupid enough to have classified information even available (connected to) the rest of the internet i think we fricking deserve it.
as for the cuckoo's egg thing (yes i have read it), people should remember that that was in a time where the ussr still owned 1/4 of germany and werent completely bankrupt.
unc_
The State of Washington allows Microsoft to exist as a company.
And using Microsoft code is like having water dripping on your forehead. While having bamboo shoved under the fingernails.
Ego: If the state cared, they'd prevent Microsoft from existing.
Think about it: if you were a small, third world country looking to steal a few secrets from the last remaining superpower in the world, whom do you pick to masquerade as the actual attacker? Duh! It's Russia - the same Russia who we (America) has spent hundreds of billions racing for arms with, stockpiling nukes with, etcetera, etcetera. From an outdated historical perspective, it's perfectly reasonable, almost impulsive, to assume that any probe concerning classified data would be coming from Russia, public enemy #1 for pretty much the latter half of this century.
The problem is that just because "the intrustions appear to originate from Russia," doesn't mean the KGB or whoever is responsible. In fact, the only thing this proves is just that: that the packets came from a computer in Russia. Whether that computer was itself cracked, and whether the information theft was performed at the console, or via a telnet session from Libya, is impossible to determine. But let's be honest: no self-respecting cracker would ever leave a blatant calling card like this, especially not when you're dealing with the US DoD. Chain-telnetting between two,three,five,six boxes before actually cracking a site is pretty much SOP for any serious cracker, which is why I submit that it's far more likely that this crack did not originate from Russia, or if it did, not in direct connection to the University mentioned. I think whoever perpetrated this wanted us to see the University and notice the military connection, and as far as that's concerned we've all fallen hook, line, and sinker.
I think there is a world market for maybe five personal web logs.
You should beleive him because he's right. The US goverment is extreamly anal about electronic systems. I happen to work for a goverment contractor and there are more rules than you can shake a stick at. You can't even bring any electronic devices/media near classified systems let alone hook them up to a public network.
As a former employee of the Russian Academy Sciences (RAS) I strongly doubt that now it is capable of carrying out of anything like this attack. After the collapse of the Soviet Union RAS is in extremely poor condition with most capable people gone either abroad or to commercial companies. Younger people do not join RAS because of very poor working conditions and low wages. It is hard to find anybody younger that 30 there. The monthly salary at RAS is something about US$100 that even in Russia is almost nothing for a computer professional. In fact, I am just waiting when Russian government will openly admit that it does not see any need for science and technology and will close RAS bringing suffering of its employees to the end. And another issue is that very few people in the West understand what RAS is (or was), and RAS name taken alone always leads to some overexpectations. The only thing that RAS has now is its past.
Of course, there is a chance that may be some script kiddy has gotten stuck in RAS but it is quite slim, IMHO. Also in many cases RAS poses simply as an ISP (e.g. domain relarn.ru) that is used by some private and government organization. Some descendants of the Soviet KGB are certainly experienced and capable of cyber attacks.
I'm quite shock that no one has mentioned what is obviously the easiest defense against cyberterrorism. DO NOT CONNECT COMPUTERS WITH SENSITIVE INFOMORMATION OR FUNCTIONS TO THE INTERNET. Sorry to shout, but why doesn't anybody think of this. If people can't connect with the computer they can't preform cyberterrorism. If having these sensitive systems on some sort of WAN is important then build your own damn WAN. Large corporations have been doing it for years. I don't see cyberterrorism as a threat, I see government/managerial stupidity as a threat.
Sorry to rant, but I'm tired of hear all this cyberterrorism BS. I swear if I heard that word one more time...
E29
a lot of times crackers will use universities to spoof their IP through since universities have tons of user accounts and typically easy passwords to guess.. this could be anyone in the world who thought it was funny to use a Russian network to crack US computers...
If the new KGB in Russia supposedly has a dedicated line to all ISPs, shouldn't it be a "simple" matter of diplomacy to acquire some year old, (rotting) logs?
...now everybody start blaming Russians for all US government's troubles.
Contrary to the popular belief, there indeed is no God.
Sheesh, get a grip. Why don't you *READ* the article first before posting? Nuking them would just invite everyone else to nuke us. Idiot.
May I tell you that even if some hacking comes out of RAS (Russian Academy of Science) it doesn't mean a thing 'cos these days all these institutions here in Russia are populated by young graduates (seeking to evade conscription into army - by law if after graduating from university you go "into science" you get a "delay" from conscription as long as you work there) and mostly elder staff that are, mostly again, afraid of computers and 'net. :-)
So - guess what - I think it's all just some 20-something guys that have enough knowledge and too much spare time and free 'net access. Nothing more here, IMHO.
BTW: These same guys are also making a lots of good soft
The uniforms tend cry about every port scan as it is the end of the world. If the portscan comes from an ex-eastern block country it is marked with special priority and they go immediately paranoid and blame all teir recent problems on the "russian attack"
;-)
This is not a flamebait (I have worked in the
are and I dealt more than enough with cases like this).
That is besides the case when the remote box has been r00ted
I do agree that the situation in RAS and Russian science in general is much worse then in the Soviet times, but there still some institutions that survived and work quite well now, e.g. IAP RAS in Nizhny Novgorod. It supports a faculty in local univercity and most of graduates continue to work in IAP. I left it for work in computer company, not because of low wages but of changed interests - if I spent the same time and efforts working in physics, I could get the same money (of course, most of it being from western grants). As for the attack itself, it could be done, for example, by kids of employees in one of the institutes.
Great, it's just like what the US act onto other nations. They engage in espionage even on their "friends" esp. the industrial nations. They have in in no way the right to blame others to likewise. (They even spy enough on their on people, Hello NSA!)
Classified computers are not connected to the net. No classified data was lost. It says that in the article.
Sensitive data might seem innocuous to the casual observer. A single piece may mean little. But a group of specialists with many sensitive pieces can discern what the classified object is. If you don't believe that, you are fairly ignorant of basic espionage techniques.
China's stated goal is to eclipse the United States within 50 years. In the recent US spy trials, it was disclosed that China has a plan on the books to launch a nuclear attack on the US within 5 years (before the US missile defense systems begin deployment) China estimates each side would "lose" about 150 million people, or roughly 10% of the Chinese population, a loss they consider acceptable. China is a human rights nightmare, with a communist government that is anti choice and anti market. If you dislike the US Government and the DOJ, wait till you try running a business in China. BTW, Bill Gates has a lot of admiration for China and visits Beijing regularly. Apparently, antichoice/monolithic thinkers enjoy each other's company.
Russia has a lot of brilliant scientists and programmers. They are also in severe economic trouble, and have a terrible problem with organized crime. It's becoming clear that a lot of the "old guard" remain in power, especially given the recent embezzlings and amazingly efficient population roundups (following the terrrorist bombings) I don't doubt someone in the sciences is making a concerted effort to hack the US Military.
Obviously, something happened on the US bases. A couple months ago, everyone had to rotate their passwords, and the comm people were running all over the bases. An ISP had their contract pulled from at least one base, due to the tightening.
Finally, *something did happen*. Possibly something bad. For all the comments about "Oh, well, every country does it, big deal", try to remember that the United States is a great protector of freedom, and many of the countries listed in the article have pledged to kill all Americans in the name of religion, or wish to deny people a free market and choice via the use of the communist system.
The loss of a major technology to a communist or radical religion-based country could mean the difference between slavery and freedom, or death, for generations of people.
I'm not an experienced cracker, but I can think of a few ways to make sure nobody can track me past a certain machine.
More plausible is the idea that some technical-minded dolt tried to create an incident...and didn't do a very good job.
What would make this more interesting (not necessarily gov't sponsored as the articles imply, but interesting) would be someone that takes down some critical system in D.C. every few weeks. Leave some sort of script toolkit laying around at one of the boxes you let them "trace you to" and include one that "subtly" implies that the cracker either has or had an account on some government's machine. It's the difference between section D3 and the front page of the Post.
Personally, I'd take a few shots at Eschelon and implicate the Melissa Induhvidual. You know, "crank it up a notch" ;)
kapitalisticheskie cobachki! Znaem myi vas!!
support gun control: take guns from cops
Everyone seems to have some misunderstanding concerning the government. I know people post this stuff over and over again, but it still doesn't seem to sink into people's skulls. Somehow I thought the situation could be remedied by posting even more stuff :P
I work around DC, working for somebody who works for the government. Since I know people personally who have worked for lots and lots of these seemingly black agencies, I am less likely to believe in grand conspiracies against the US people. But I realize I am libertarian/anarchist flamebait.
Computers with classified information must be physically not connected to the internet.
Computers with sensitive information might be connected to the internet. Getting into this information would be akin to getting a company's proprietary information.
Putting together lots of unclassified information can get you (surprise) classified information. In fact, there are things that are pretty much common knowledge (that have been deduced) that are also *still* classified. (See Tom Clancy)
If the government really wanted to try and crack the aussie exchange, (and I can't figure out why they would) they *would not* ask the air force to do it. The air force does a lot of great things besides fly planes, but they don't crack. (It really wouldn't surprise me if some 19 year- old acme ridden airman had tried something, however.)
NSA Does Not Spy On Americans. Any foreigner anywhere is fair game. At least from what I understand, although they would be wasting their money to spy on someone unless it impacted national security. NSA is like CIA -- its intelligence gathering is out of country. That's why the fbi had this program to learn codebreaking stuff from the nsa. They can't ask the nsa to break codes of americans, just like the army wasn't supposed to be directly involved in waco.
Any of this information could be debated, but I believe it to be true from what I've come to understand by working for the military-industrial complex.
I suggest we give immunity to crackers that attack other countries like china and russia. It would really be nasty for them if they knew that the federal government wouldn't prosecute the people attacking them.
i thought i read somewhere (the AP maybe...) that the only computers they were able to get into were non-classified. maybe i was just seeing things. maybe this started as a rumor and the press turned it into fact...
get your dirty sig off me, you filthy APE!
No one is "supposed" to take work out of the secure area, or home, but it does happen. Somebody brings in a laptop and copies files. They connect to the net. They copy files to their desktop and then use that later to connect. That's how the Chinese spy supposedly stole the secrets. It's just too common.
It's 10 PM. Do you know if you're un-American?
Someone has already stated his opinion about cyberattacks coming from Russia Academy of Sciences. And I agree mostly with him.
I don't wanna state that we are angels. You listen, we listen. You crack, we crack. Two weeks ago I was searching for a guy coming from a US site. Somehow he managed to get a login from one of our networks and was roaming wild under one of our accounts. On this I used methods that sometimes are considered to belong to the cracking field. You consider this bad? Well tell me another method to work with. But don't ask me to fill a three-page report in five copies that should be sent to room 666 stating that someone is breaking in - "PLEASE HELP!!!!!". ("Ok in three weeks time we will deliver you the answer...")
This article is pure hype. And stupid one. Just because attacks can be traced to an academical institution from Russia does not mean its one more KGB plot. Frankly let's see things with straight eyes:
RAS is the top body of academical Sciences in Russia. So it's NATURAL that it has links to military. As NASA or the American Academy of Sciences. In fact any institution of superior education in the world has always a link to THEIR military.
RAS is a very broad institution. It has institutes, departments, branches, representations and a lot more. Besides a lot of Universsities in Russia hve their Internet directly connected to RAS networks. Can you tell me how many students would avoid the temptation of "visiting" DoD with a simple nmap?
Ok the attacks come from Russia. Yes Russia is listening and sniffing. But everyone does this. Today even a 10 year old does this. Everyday I have people sniffing around the network I'm in. This situation is so broad that even security is made under the idea that anyone can sniff or try to crack you. So the question. Has anyone the proof that attacks coming from RAS are made by a guy in uniform???
Russia is attacking. What about France, Britain, Germany or Japan? What about US itself? Or gentlemen don't listen to each other? Is Echelon just an academical game and SF tale?
Is Russia attacking? Of course! Everyone is doing it. Why Russia can't do it? But sincerly if we take everyone in the same pan I think that we barely can see the differences between each one. Not only between states. But also between individuals, institutitions or companies. Today anyone can play James Bond in a very high level. There's only the need for some brains, pacience and resources. Today this is not a threat or a menace. It's the reality.
It's not the Economy anymore. It's the Network, stupid.
putting "sensitive" information on ANY internet connected computer is a breach of security in the DOD, so it is my belief that this is definitely full of crap...
Why doesn't Russia just put it's people into
our research centers like China does?
Its a trade off between the need to share
information with certain people who may not
be a member of your organisation and the need
for security.
Computers work best when they can talk to other computers. Systems can be secured,
but if they are so bulky, nobody will use them.
But still, you are right.
Building secure systems are tricky, and the
people designing the systems need to know this stuff.
From the article:
intruders had stolen "unclassified but still-sensitive information about essentially defense/technical research matters."
And maybe they didn't come through the Internet but through an internal network using telephones. (I don't know but I don't think the article says either way.)
But I agree with those who say that the article is just full of Cyber-hype.
The surprise isn't how often we make bad choices; the surprise is how seldom they defeat us.
You aren't allowed to bring a laptop into a secure area.
Nor are you allowed to bring a floppy disk, or even a radio!
I remember reading about an event that happened several years ago. You'll have to forgive me - I'm fuzzy on the details (maybe someone else has read the same account and can fill in the gaps). But it went something like this...
Some guy was tracking down attacks on his systems (University, I think). Amoung the jump-points of the attacks was a Naval research facility. The guy met with the facility's COMSEC person. After some audit of their networked systems, the COMSEC guy was horrified to find the amount of data that had crossed from their "air firewall" systems to the networked systems. People transferred data on their own accord to make their jobs easier. They also disregarded security.
Now, this certainly doesn't mean that some Navy public web site is also a secret harbor of highly classified documents. And the press sure doesn't do much to limit this kind of wrong impression. However, one also has to be aware that despite rules and regulations, sensitive data might still be vulnerable.
Geez, how hard is it to send a customized Back Orifice to just about any company executive and get him to click on the attached document that installs it? If you have important data on a windows connected internet box you deserve to lose it.
YOU sir have no idea about what you are talking about. The original poster does actually know what he's talking aboute. You are arguing about the definition of the word clasified, when it's pretty obvious what the intent of the first poster was.
The security people happen to error on the side of EXTREME paranoia when clasifying data. What does this mean? It means that they will slap a "confidential" label on anything that could be considered even remotely interesting. And then it's usually not very usefull data anyway. If you want something interesting you usually end up dealing with S/SAR or TS material. (needless to say, this makes engineering life a royal PAIN in the arse.)
Let's talk networks now, shall we?
Networks that deal with different class levels have to be isolated. In between class levels you can SOMETIMES get away with firewall or crypto type isolation. sometimes. (like you can install a 1 way gate between a lower level and higher level to allow data be moved from a low level on up). To go from higher to lower level you have this god awfull procedure to follow. very "unfun".
From unclassified to ANY classification level ye olde NISPOM (gov security manual) says you must have physical media isolation. Period. An they really want you to go a step further and separate the wires by at least 1 meter. Fiber is prefered.
So, to conclude my rambling so I can go do something usefull, if someone stole truly "classified" data from a system that was accessiable via the Internet, somebody broke the rules on the DoD side. While that is possible, security folks tend to be really really paranoid and I doubt any data they stole was really classified.
later,
dv
"There's no secret. You just press the accelerator to the floor and keep turning left." -- Bill Vukovich
Don't forget that... And the more distabilized Russia gets, the more dangerous it becomes. Believe me, you do not want terrorists organizations and governments, who can't stand U.S. and are not afraid of dying for their cause, getting their hands on all these nuclear, biolocal and chemical weapons. You would rather want to see a strong, but stable Russia than that scenario.. Trust me.
I mean they were always on about the Russians coming to get the states in the 80's and oh err it seems like they have started again!!!
And depending on who you work for, you can't even take a Furby into a secure area (it's a recording device).
Yep. The military complex is really just a big country club of spooks. They spend their time sipping Mai-Tais and lacing the public water supply with paranoia-inducing drugs. The last thing they want to deal with is pesky issues like information security and classifications.
The military is actually quite aware of how sensitive information is. And they're quite good at deturmining a classification level. But stamping a classification on a document isn't all - ensuring the document is handled properly is the problem.
Once again, you might be interested to know that this is hardly an unknown concept to the military. They refer to it as "essential elements of friendly information" (EEFI). When enough elements of unclassified information is gathered, classified information may be revealed.
Lets look at a common example of EEFI. Say a unit is going to be deployed to SandLand. Those orders are classified. However, observers are able to note changes in work schedules and large movments of equipment. They also know the unit is a rapid deployment unit. Furthermore, it is coming on winter. Yet, military personnel are observed buying a lot of warm-weather gear (shorts, shirts, sandels, sun screen, sunglasses). Its obvious that the unit is preparing to deploy to a hot climate. Scanning CNN reveals that there is some recent unrest in SandLand. Its a safe bet that the unit being observed will be deploying to SandLand.
Secure information is compromised without the actual involvement of secure documents.
What does the military do about EEFI? Classifying all and every document within the military would make day to day operations near impossible. Instead, the military attempts to keep aware of the dangers of EEFI and, via that awareness, try to limit the amount of information made available.
The govt will try scaring the people by saying how the evil russains hacked (grin) our computers and stole many many secrets. Now Clintons new government run security program will make sure the internet is nice and secure. Remember the big deal you all made about how bad it was? Pure government propaganda plain and simple. Why were such critical systems on the internet anyhow? Are they that fucking stupid? Clinton sold the chinese more secrets than anyone has ever hacked.
Of course all this stuff is bullshit, but...
/. readers in the US will get enlisted?! How about CyberViet?
If at some point in the future we do have a cyberwar with someone, does it mean that all
The word "woman" is no longer politically correct.
The word "woman" is no longer politically correct.
You should use "Female-American" instead.
Hey, let's just stop all this cybershit, and nuke each other! Would be so-o-o cool!!
Whether these intrusions really were from Russia or not, this kind of thing is soon going to be the norm.
;-)
I propose the US government setup dummy servers with disinformation: plans from non-working technology that went nowhere and cost a lot of money to develop. I'm sure we have plenty of that
The sites can have juicy-sounding names that will attract attention and some weak security just asking to be broken. Then just sit back and track the intruders' actions.
This isn't an excite article, its a Reuters article that excite carried. why not post links to the news wires instead of to the portals that carry their stories?
A Bloody beach. Normandy.
A Bloody island. Iwo Jima.
My father's best friends. Blown out of the sky next to him.
My Rumanian neighbor's closest friends. Shot in the back by communists for speaking their mind.
Now who's naive? I'm sorry, but if you really don't beleive America contrbuted greatly to the freedoms many people in the world have today, and continues to contribute to the same, you need to study some history and read a few papers.
I admit your examples of the petty dictators the US has mistakenly supported are/were a mistake. Most Americans take a dim view of such institutions.
No one claims America is perfect, but America is (historically) a leader when it comes to freedom and democracy, in the great western traditions of Greece, Rome, France and England, all of which have made their own mistakes.