Pentagon Hit by Unprecedented Cyber Attack
Posted on 11/20/2008 4:43:58 PM PST by Sammy67
Edited on 11/20/2008 4:48:23 PM PST by Admin Moderator.
Thursday, November 20, 2008
The Pentagon has suffered from a cyber attack so alarming that it has taken the unprecedented step of banning the use of external hardware devices, such as flash drives and DVD's, FOX News has learned.
The attack came in the form of a global virus or worm that is spreading rapidly throughout a number of military networks.
(Excerpt) Read more at foxnews.com ...
Ohhhhh, I can see the big MacAttack coming down the road with lights and sirens on...
I would recommend eComStation
The *real* problem is homogeneity of OSes. The *only* answer is heterogeneity.
Some Windows, some Macs, some Linux, some OS/2 ...
Throughout history monocultures have come crashing down with crushing consequences. Yet we never seem to learn.
Seems to me like it would be pretty simple to block a group of IP addresses to stop an attack. Unless someone brought something inside, then it might be more difficult to isolate, but not impossible to stop.
Once the system is compromised and your internal servers become the attack vector, you’re screwed.
Integrity-178B from Green Hills Software is the only EAL6+ certified operating system. But it's not suited to desktop or server use, more real-time embedded. Aside from that, the highest OS-related thing I know of in use is IBM's z partitioning system for mainframes (LPAR isolation), at EAL5.
At last estimate it would cost $10 billion to rewrite Linux. Count at least a decade and ten times the money to make a modern EAL7 desktop/server OS kernel since every single element of it must be formally designed and verified using mathematical models and proofs. I'm not even sure it can be done for a whole OS. The guy who can pull it off is a god among OS designers. I only know of one piece of software that has achieved EAL7, and it's a specialized network program.
Possible. Not only is China a great source of attacks, it's also a great source of open proxies for others around the world to use for attacks.
ILOVEYOU, a.k.a., VBS/Loveletter, a.k.a., Love Bug.
It was first because they worked for weeks in advance to find and exploit a bug and first publicly used it at the conference. The bug was there, but the relative time to hack was meaningless.
We're being attacked by Canada?
The conference you are referring to was CANSEC WEST (Canadian Security Conference West) and the Mac was indeed taken over first... and it took only two minutes to accomplish. However, the security consultant who did it, Charles Miller, is an ex-NSA computer expert whose team of himself and two other ex-NSA computer experts worked THREE WEEKS to find the security vulnerability and construct a means of exploiting it.
They did NOT use a "known vulnerability" (except that it was known to them because they had discovered it in the preceding three weeks) in OS X, but rather a vulnerability in JAVA. Miller stated that his exploit would have worked on any of the three OSes in the challenge as well. He just wanted the MacBook Air, which was the prize if he compromised it.
None of the three machines failed during the first day when the attack had to work via an external attack. The winning exploit only worked after the first day of the contest when the rules were relaxed and user participation was allowed. The exploit worked because the referees were required to navigate to a prepared site and click on a link or download a file and install it.
Incidentally, the team that broached the Windows Vista machine did it in under six hours with no prior preparation...
From Seven Steps to a Caliphate:
“The Fourth Phase. Between 2010 and 2013, Hussein writes that al-Qaida will aim to bring about the collapse of the hated Arabic governments. The estimate is that “the creeping loss of the regimes’ power will lead to a steady growth in strength within al-Qaida.” At the same time attacks will be carried out against oil suppliers and the US economy will be targeted using cyber terrorism.
How does it present itself? Black screen or what?
My screen has been fading in and out since yesterday.
But maybe that’s another problem.
I run McAfee every day, but I guess some worms and viruses still get through.
They'd be better off banning the use of Windows.
That is a very profound statement, and true statement. DoD already has moved toward Apple servers. They should adopt Mac desktops and laptops also. Our troops deserve the best.
Not only that, but they must interface with contractors and others, even within DoD, who prefer to send copies of presentations and such on thumb drives, rather than going to the trouble of burning CD-ROMS. But of course a worm or Trojan could ride back to the DoD internal net on a CD/DVD ROM just as easily as on a flash drive.
These guys are likely on them like white on rice.
Apple is JUST as hackable
False. A bump-proof, pick- and drill-resistant, boron alloy steel MUL-T-LOCK is less "hackable" than a Wal-Mart Master Lock. They're both padlocks, and both can conceivably be compromised, but one is just designed and built better to make it harder to compromise. That there are far fewer of them on the market is irrelevant.
I think you’re right. The world is very much in an appeasement phase, what with Iran’s announcement of having enough enriched uranium. Will anyone fight? The world has entered a global recession, an evil menace is arising, and the world is inclined toward appeasement and peace. Sounds like the early 1930s. Except this time instead of Roosevelt, a man willing to fight, we have an empty suit who thinks that national priorities are healthcare (no one is dying in the streets), college affordability (no lack of students in college these days), gay rights, etc. Roosevelt had socialistic and collectivistic leanings but at least he wasn’t afraid to kick butt.
I attended a prominent private university many years ago and most of my college buddies are liberal. I was shocked when, immediately after 9-11, many of them told me they were glad that Bush won instead of Gore. I think that if global war erupts there will be many middle America voters who will wish that McCain had won.
>>All new computers are loaded with Vista.<<
But, unless you have seen all of their computers, you can’t know what all of them are running, and I would be surprised if some of the servers are not running some form of UNIX.
Hmmmmm. OK. It's just as hackable as a system that now has upwards of 500,000 known malware... but it has only 8 known trojans that require the complicity of the user to invade the system, and zero self-replicating, self-transmitting viruses, and zero spyware. Nine years of OS X and counting and still no need to run anti-virus, anti-spyware, or any other protective applications.
Just exactly what is the magic number when the Mac becomes popular enough to attract thieves and hackers? Is 10,000,000 enough? How about 20,000,000?
The Witty Worm was written by hackers to exploit a vulnerability in just 10,000 Black Ice firewall protected Windows PCs... and infected every single one of them within 45 minutes of being released in the wild.
A Spam-bot of just a few hundred or a few thousand Windows PCs is a very useful and valuable construct... yet there are ZERO Mac spam-bots sending out spam. Why is that?
There are now over 32 million OS X Macs in the world... surveys have shown that Mac owners are more prosperous and have more disposable dollars than PC users... yet the thieves are not going after them? 99% of those Mac users are unprotected by anti-virus or anti-spy applications, yet they are NOT being successfully attacked by the thieves and hackers of the world. I would think they would be considered sitting ducks. Why aren't Macs being exploited left and right? Why aren't there thousands of Mac Spam Bots?
It certainly is not due to security by obscurity.
Whatever this thing is, it cannot be any worse than the Navy / Marine Corps Intranet, aka NMCI. The NMCI is a humongous, costly, self-inflicted Denial of Service attack. It demonstrates that even in DoD we learned nothing from the failures of Soviet style centralization.
By the way: the productive use of removable media in the unclassified environment will always far outweigh the risks coming from these devices. The command to ban removable devices is an unnecessary spasm illustrating DoD ineptness in building a reliable network infrastructure, particularly on NMCI. The ChiComs, or whomever, managed to introduce a bug in our systems. Our own flag officers and SESers multiplied this annoyance many fold with the ban on removable devices. Our enemies say thank you very much.
People can rationalize old versions of OSX all day long. They lost my organization as a customer and will never get us back. We switched to PCs with Win XP and haven’t had 1/100th of the problems. We were stupid enough to flirt with it once and it cost us a lot of money to get out from under the Macintrash. The computers were fine, it was the OS that sucked. Really sucked, to the point of drawing vacuum. The IT contractor made a small fortune off of us and any lead that suggests that we try it again is begging to be fired.
I don’t doubt that DoD could stay with Win XP, but they’re not. They’re going full speed ahead for Vista. I can’t speak for Vista having never even seen it, but I can’t find anybody who has anything good to say about it. #1 complaint: it’s a compatibility nightmare.
Yep, that was it. Toward the end of that mess, someone with a big address book would have a mental lapse and click on one of them. They’d get angry phone calls from all over the world.
And I look at Windows XP (pre service pack) as an indicator of the state of the art in Windows today. Actually, the point is that an OS should advance the state of the art with every release. Vista took a step back on the whole. OS X has been advancing rapidly since its inception.
So far every release has been faster on the same compatible hardware while adding features. In fact, Apple is using this whole next release cycle for performance, security, development, compatibility and stability improvements (no new major user-facing features). It is ahead of Windows in pretty much every way.
Sounds like you also got a crappy contractor though.
They’re going full speed ahead for Vista.
I see DoD Windows machines often and know a lot of people who work with vast amounts of them daily, and they are all on XP on the client, 2003 on the server. There may be some DoD Vista machines out there, but they are relatively very few in number. They might even skip a Windows version and go straight to 7 for wide adoption.
Bill Ayers got a computer?
This is why he could not pass the background check.
External hardware devices like DVDs?!?!
Can anyone tell me how you plug a DVD into a USB port?
I really hope that the Pentagon wakes up and looks at the software/architecture they’re relying upon and the people they’ve put in charge of their systems instead of just going after people with USB keys. Just going by the story, this sounds like a typically bureaucratic CYA response. They should be lucky that their enemies launched a trial strike on them instead of in the middle of a war.
That is very interesting! You mean you believe they are moving to Apple for security reasons, not just purely IT reasons?
Hmmmm. Makes me wonder at times how good some of the IT folks really are. FWIW, I am now qualified as a GS-2210.
“...the unprecedented step of banning the use of external hardware devices, such as flash drives and DVD’s...”
If this is considered “unprecedented,” the Pentagon needs a new security department. Not bringing in outside hardware and software is a standard practice in the real world.
I’ve been trying to read up on the particulars of the apparent threat, so as to assess what risk we might have here at FR.
I suspect a fair number of FReepers have day jobs associated with the government, some as contractors and / or military who fairly frequently use flash drives and cards or external USB devices.
So if the gov’t systems are threatened by such devices, what keeps other network links from being similarly at risk? Hence, wouldn’t FR also be at risk? Or minimally, what keeps those in the military who own PCs from having their PCs now infected from such a threat?
IMHO, the issue manifests command and control tendencies of the military. The US used to have an outstanding system of centralized command, decentralized control. Socialism tends to migrate in the opposite direction of decentralized command, with centralized control.
Users in a decentralized fashion are able to identify the situation as it arises, then take action with resources they control. Socialism tends to require the situation be communicated back to a centralized decision maker prior to releasing resources to solve a problem.
In the USB removal policy, we effectively remove resources from the local level and constrain all local action to using only resources from centralized strict control.
All an enemy now has to do then is focus on communication to inhibit the defense machine from operating.
The internet was intended to provide an exponentially expandable network of alternate paths, thereby reducing the risk of lines of communication being interrupted in an attack.
That’s easy to say, but very costly to implement. Enormous training and communication costs are reduced by using standard software packages. MS Office, Adobe Acrobat, .jpg and AutoCAD have helped immensely as common formats in engineering circles.
At least we aren’t arguing over ASCII vs EBCDIC.
Right. No cracker wants to be famous as the first guy to write a self-replicating, self-transmitting virus that breached the vaunted and well known imperviousness of Mac OS X; he'd rather be just one of the hundreds of thousands of "me too"s who have easily assailed the ramparts of Windows and remain lost in the crowd.
U.S. Army to Instigate Wider Mac Implementation
By Haroon Malik, 1:00 PM on Sat Dec 22 2007
The U.S. Army's office of enterprise information systems is introducing Mac computers to its systems, it is hoped the move will render the Army less open to attack from hackers. Further, by having Macs as part of their system, it is less likely a single attack will take effect across the whole network. These new measures come at a time when the security of digital information has increasingly been under threat.
Hackers, in the past year, have managed to procure top-secret information directly from Pentagon computers, as well as from major military contractors, including Boeing, Lockheed Martin and Raytheon. Growing concern for the safety of sensitive information has led to the introduction of the Mac computers as a way to thwart the efforts of hackers prematurely. At present, Apple provides some 20,000 of the Army's 700,000 servers and desktops. This may be a very small proportion, but the number is growing annually. This fact sits a little uneasy with us:
Although we would not trade our Macs for Aladdin's lamp, calling them in to the Army's systems to further its security is questionable. First thing, we are not great believers that Macs offer greater protection than Microsoft's offerings; secondly, even if they did; where there's a will, there's a way. That way may not be so difficult with Apple computers, making the route of attack potentially easier. Also, correct me if I'm wrong, but doesn't Apple's Mac OS X license state military use of its software is forbidden?
Gizmodo's trepidation about Mac's security flies in the face of reality. Their comment that if "there is a will, there's a way" is particularly wrong as every willful attempt to access a Mac from outside has failed; every successful breach of OS X's defenses has required participation from the Mac's user, from the inside out.
They are right that Apple's consumer license prohibits military uses, but that doesn't mean that Apple doesn't offer other forms of licensing.
It’s called an external DVD player with a USB connector. I have one.
If the Pentagon had any brains, disable all USB ports but what you need for a keyboard and/or mouse if they do not have PS2 connectors.
I know about external DVD drives. But I was commenting on the poorly written article. DVD’s can’t be plugged into anything. They can only be placed in DVD drives.
So to have an article written with such a glaring error is just another sign of shoddy journalism.
We have to keep bugging our reps to get ahead of this.
“Cyber Attack Linked to Company of Former Russian Spies”
ARTICLE SNIPPET: “FOX News has learned the recent cyber attack on the U.S. military’s classified computer network has been traced to a front company operated by several former Russian spies.”
By Jennifer Griffin
Wednesday, December 10, 2008