[iwar] Historical posting


From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com

Mon, Jan 1, 1999


Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
Reply-To: iwar@egroups.com

          

 ...

	 Russian Hackers Steal US Weapons Secrets (London Sunday Times
July 25, 1999)
	  By Matthew Campbell, Washington

	  American officials believe Russia may have stolen some of the
nation's most sensitive military secrets, including weapons guidance
systems and naval intelligence codes, in a concerted espionage offensive
that investigators have called operation Moonlight Maze.  The
intelligence heist, that could cause damage to America in excess of that
caused by Chinese espionage in nuclear laboratories, involved computer
hacking over the past six months.  This was so sophisticated and well
coordinated that security experts trying to build ramparts against
further incursions believe America may be losing the world's first
"cyber war."


	  Investigators suspect Russia is behind the series of "hits"
against American computer systems since January.  In one case, a
technician trying to track a computer intruder watched in amazement as a
secret document from a naval facility was "hijacked" to Moscow from
under his nose.  American experts have long warned of a "digital Pearl
Harbor" in which an enemy exploits America's reliance on computer
technology to steal secrets or spread chaos as effectively as any attack
using missiles and bombs.  In a secret briefing on Moonlight Maze, John
Hamre, the deputy defense secretary, told a congressional committee: "We
are in the middle of a cyber war."

	  Besides military computer systems, private research and
development institutes have been plundered in the same operation.  Such
institutes are reluctant to discuss losses, which experts claim may
amount to hundreds of millions of dollars.  "We're no longer dealing
with a world of disgruntled teenagers," said a White House official,
referring to previous cases of computer hacking in which pranksters have
been found responsible for incursions.  "It is impossible to overstate
the seriousness of this problem.  The president is very concerned about
it."

	  The offensive began early this year, when a startling new method
of hacking into American computer systems was detected.  A military
computer server near San Antonio, Texas, was "probed" for several days
by hackers who had entered the system through an overseas site on the
internet.  Dozens of infiltrations ensued at other military facilities
and even at the Pentagon in Washington.  When research laboratories also
reported incursions using the internet technique, officials realized
that a "cyber invasion" was under way.  "There were deliberate and
highly coordinated attacks occurring in our defense department systems
that appeared to be coming from one country," said Curt Weldon, chairman
of a congressional committee for military research and development. 
"Such a thing has never happened before.  It's very real and very
alarming."

	  Even top secret military installations whose expertise is
intelligence security have been breached.  At the Space and Naval
Warfare Systems Command (Spawar), a unit in San Diego, California, that
specializes in safeguarding naval intelligence codes, Ron Broersma, an
engineer, was alerted to the problem when a computer print job took an
unusually long time.  To his amazement, monitoring tools showed that the
file had been removed from the printing queue and transmitted to an
internet server in Moscow before being sent back to San Diego.  "It
turned out to be a real tough problem for us," he told a private
computer seminar last month.  It is not clear precisely what information
was contained in the stolen document.  Beyond its role in naval
intelligence, Spawar is also responsible for providing electronic
security systems for the Marine Corps and federal agencies. 

	It is suspected that several other intrusions had gone
undetected.  Oleg Kalugin, a former head of Soviet counterintelligence
now resident in Maryland, said such facilities were prime targets for
Russian intelligence.  He said the Federal Agency for Government
Communications and Information, a former KGB unit that specializes in
electronic eavesdropping, was certain to be exploiting the internet for
spying on America.  "That's what they're good at," he said.  America's
high-precision technologies, including weapons guidance systems, are of
particular interest to a country such as Russia where economic woes have
prompted crippling cutbacks in funding for military research.  "Russia
is quite good at producing technology but can't afford to finance the
research," said Kalugin.  "It's easier to steal it."

	  The computer assaults have given fresh impetus to measures
ordered by Clinton more than a year ago to protect the country's
electronic infrastructure.  Alerted to the threat of Moonlight Maze, the
president has called for an extra $600m to help fund a variety of
initiatives, including an infrastructure protection center in the FBI to
gauge the vulnerability of computer systems to attack.  He has ordered
the military to develop its own information warfare capabilities to
respond to such attacks.  But Weldon, describing dependence on computer
systems as "the Achilles heel of developed nations", said this is not
enough.  He is advocating the creation of a unit in the Pentagon under a
senior commander to oversee the defense of computer systems. 

	  According to other experts, America has been so preoccupied with
beating the Y2K (year 2000) or millennium bug - a programming problem
that could paralyze computers on the first stroke of the new year - that
its military, scientific and commercial communities have neglected the
overall security of their computer systems.  At the same time, the huge
number of systems being overhauled to make them Y2K-compliant has
heightened the risk of infiltration.  Alarmed by the theft of military
documents whisked to Russia, American officials argue that the country
should brace itself for other, equally disturbing forms of information
warfare that, in theory, could bring the country to its knees.  China,
Libya and Iraq are developing information warfare capabilities and,
according to one White House official, "we see well-funded terrorist
groups that also have such capabilities". 

	  A series of war games conducted by experts last year revealed
that the world's greatest superpower could be at the mercy of a handful
of determined computer hackers paralyzing airports, markets and military
systems with a few taps on a computer laptop. 

	  Suspicions that Russia is responsible are based partly on the
involvement of Moscow-based internet servers in some attacks.  But
experts caution that evidence of a Russian hand in the operation may not
signal a Kremlin connection.  "It could turn out to be Russian organized
crime," said one expert.  "And they could be acting as a front for the
intelligence community." Ironically, the Russians are pressing for an
international treaty to freeze information warfare.  "We cannot permit
the emergence of a fundamentally new area of international
confrontation," Sergei Ivanov, the former Russian foreign minister,
wrote in a letter to Kofi Annan, the United Nations secretary-general in
October.  Subsequently, Russia's relations with America have reached
their lowest ebb since the cold war because of NATO's intervention in
Yugoslavia.  Relations with China have also suffered.  An offensive in
cyberspace may be their one way of retaliating without getting into a
shooting war. 
 

--
Fred Cohen at Sandia National Laboratories at tel:925-294-2087 fax:925-294-1225
 Fred Cohen & Associates: http://all.net - fc@a... - tel/fax:925-454-0171
     Fred Cohen - Practitioner in Residence - The University of New Haven
				Have a great day!!!

Per the official policy of Sandia National Laboratories, the reader should be
aware that:
 - Fred Cohen of Fred Cohen & Associates is the same Fred Cohen who is a
   Principal Member of Technical Staff at Sandia National Laboratories.
 - Fred Cohen & Associates - is owned and operated by Fred Cohen and is
   separate and independent from the work done by Fred Cohen at Sandia
   National Laboratories.