[iwar] Hill Air Force Base being targeted in ongoing cyberspace war - news

From: Fred Cohen (fc@all.net)
Date: 2001-08-27 14:26:48



Hill Air Force Base being targeted in ongoing cyberspace war 
Security News Portal, 8/27/2001
http://www.securitynewsportal.com/article.php?sid=1659

There's a new type of cold war being waged between the United States and
its enemies.  This cold war is fought in cyberspace and, if the American
forces lose, could have crippling effects on military operations, even
lead to human casualties. 

"Spies today don't wear trench coats," Ovie Carroll, an agent in the Air
Force's computer-crimes unit, told the Air Force news service. 
"Instead, they carry laptops."

Utah's Hill Air Force Base is one battlefield in this digital war.  About
1,000 hackers a day attack Hill's computer system and its 64,000
dataports, reports John Gilchrist, Hill's chief of information assurance. 

"Anytime there's a world situation where the U.S.  is involved, we see
an increase in activity where people are reaching out to say 'hi' to
us," Gilchrist said. 

Saying "hi" can come in numerous forms.  The most threatening greetings
occur when hackers attempt to access information or conduct sabotage. 

During periods of international turmoil, such as the Chinese spy-plane
incident, American "computer geeks" become angry with a perceived enemy
nation.  They then send viruses or other destructive programs to
terminals in that country.  In turn, hackers abroad fire back with
similarly destructive attacks on military computer systems in America,
Gilchrist said. 

And so the cyber-war is waged until the accompanying international
incident subsides. 

The war isn't confined to American interests. 

During the ongoing conflict between Pakistan and India over disputed
land in Kashmir, numerous attacks crisscrossed the Internet between the
two nations, former Air Force Capt.  Richard Bejtlich said. 

Besides attacks spawned by international incidents, Bejtlich said, there
are everyday battles of equal importance to U.S.  interests. 

Bejtlich is a former member of the Air Force's Computer Emergency
Response Team.  He left the service in February after spending three
years protecting military networks from international and domestic
terrorism.  The ex-captain now does similar work for private companies. 

For Bejtlich and his emergency response team, the greatest cyber-threat
was the "computer spy," hired by foreign intelligence services to gain
information from U.S.  military networks. 

"Spying has always been around, and once computers were attached to
networks that's just a natural progression," Bejtlich said. 

Carroll is one of 48 agents in the Air Force Office of Special
Investigations computer crime investigations unit.  OSI investigators
are responsible for catching and prosecuting hackers, while people like
Bejtlich are responsible for keeping them out of the systems. 

Still, it's impossible to keep everyone out. 

Bejtlich's biggest fear, as a military captain, was a mole. 

In the computer realm a mole works much like a covert operator in the
real world. 

Cybermoles, Bejtlich said, are akin to Cold War Russians who were sent
to the United States, raised as Americans, placed in military jobs and
then were used when it was absolutely necessary to gain information. 

Similarly, a mole enters a network quietly, creates a back door into the
system and slips out silently.  Then five or 10 years later, when the
mole's country is involved with the United States, the back door is
entered and the spy has access to needed information, Bejtlich said. 

While the data that is passed between military computer systems isn't
classified, hackers can use nonclassified information and system access
for purposes that could end in death for U.S.  citizens. 

Unclassified data can be combined with other unclassified data to create
a larger picture of military operations that would be considered
classified and compromise soldiers. 

"People can die in this business," Carroll said. 

"If someone hacks a computer, it doesn't even have to have classified
information on it, but information that provides a picture of our
operations, that could mean the mission fails, or worse, airmen die."

Bejtlich said his emergency response team was constantly working under
the posture that military lives were at stake. 

"That was always the focus," he said.  "We're not just protecting
computers or data systems, we're protecting operation capability and the
end result if that capability goes down is that the mission could fail
and people could die."

Besides accessing data or shutting down a system that could leave
servicemen and -women without communications, hackers can tamper with
nonclassified military information and kill people. 

For example, Bejtlich said, a rogue hacker could access medical records
and change the blood types on people's files.  That way, if someone was
injured in combat he would be given the wrong blood type and die. 

At Hill Air Force Base, the system has been hacked a few times in
previous years but has been impenetrable recently.  The former
intrusions took the form of viruses that wreaked havoc on base systems
and "made it hard to fly planes," Gilchrist said. 

Now, however, Gilchrist boasts that his system is virtually
"unhackable."

Recently, a group of expert Air Force hackers played a war game with
Gilchrist and his Hill crew.  The hackers' goal was to infiltrate
Gilchrist's system from outside the base.  When the games were over
Gilchrist's team had successfully stopped every attack. 

"I dared them to get in," Gilchrist said.  "I'm sure there's a way to
hack our system but I'm not sure how."



------------------
http://all.net/ 




This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:40 PDT