WASHINGTON (April 7, 1998 00:07 a.m. EDT http://www.nando.net) --
In early February, the Pentagon went on alert. Someone was targeting
an array of sensitive military computer systems across the country
and managing to penetrate them.
Alarmed that the attacks were occurring at the same time the
United States was preparing for a military strike against Iraq,
an emergency Joint Chiefs of Staff-led task force went on 24-hour
shifts, trying to identify the attackers and catch them.
For a week -- long enough for someone with ill intent to wreak
havoc on the 11 Navy and Air Force unclassified systems that had
been breached -- they didn't know whether they were dealing with
terrorists, a hostile foreign government, an individual with an
ax to grind, or relatively benign hackers getting their kicks by
"pinging" the Pentagon.
That the culprits ultimately were identified as two 16-year-old
California boys and an 18-year-old Israeli man on a lark -- and
that no classified systems were entered -- brought relief to
officials that the most organized and systematic assault ever
on Pentagon computers was essentially a prank.
But the attack also revealed how vulnerable the nearly 2,000
defense systems are and how long it can take to even determine
the nature of an intrusion. It also triggered remarkably candid
public assessments of computer weaknesses that could, in the
worst of cases, significantly harm American military operations.
The "kids were able to create an awful lot of disruption in
the Department of Defense," Pentagon Deputy Secretary John Hamre
said recently while on an overseas trip to, among other things,
warn NATO allies, whose military computer networks are linked
with those of the U.S., of the burgeoning threat.
The February breach was notable for its breadth, but it was
merely the latest in a growing number of computer intrusions.
In 1996, the Pentagon detected more than 250,000 break-in attempts,
according to the U.S. General Accounting Office. Of those,
65 percent, or more than 162,500, were successful.
The problem is compounded because the Pentagon conducts 95 percent of
its communications over commercial systems. And the problem is not
confined to the Defense Department. Last October, the State Department
put the clamps on computer network use at two unidentified overseas
posts after a GAO investigation turned up evidence an unauthorized
person had gained access. Instead of using computers for
communications, the posts dispatched couriers to personally
deliver sensitive information on paper to the intended recipients.
The Pentagon has been grappling with the headaches of information
security, or "infosec" as it's known within the department, for
several years. This year, more than $1 billion will be spent to
combat it. Defense officials acknowledge their systems are riddled
with vulnerabilities, but believe they have some breathing space to
find solutions because potential enemies are still years off from
having the technical capability to inflict substantial cyber-harm.
So far, though, there have been no penetrations of classified
systems and no major damage has been done, officials said.
But that doesn't mean that the threat is remote. FBI Director
Louis Freeh, whose agency is investigating the February Pentagon
attack, told the Senate last week that the U.S. is aware of
high-level planning for a computer assault.
"We are aware of planning operations by foreign counterintelligence
to attack our infrastructure," Freeh said. So far, he said, no
attacks by state-sponsored terrorists have been detected.
Still, even essentially benign penetrations, such as those
accomplished by the teen-age hackers, can pose grave threats
to the nation's security apparatus.
"We do virtually all of our business now over computers,
everything from sending messages to headquarters, to ordering
supplies, to paying the troops, to keeping track of medical
records," the Pentagon's Hamre said.
"If someone can come in and disrupt those computers, change the
data or send misleading messages, they can do tremendous damage
to military operations," he said.
What if, Hamre said, a hacker got into the Pentagon's telephone
directory and changed every 10th number. "It would take several
days to figure out why the numbers were not going through. Since
it wouldn't be happening all the time, it wouldn't be clear that
a computer hacker had randomly changed" the numbers, he said.
In the vast February attack, the two high-school sophomores and
the Israeli computer whiz who calls himself the "Analyzer" broke
into systems across the U.S. and in Okinawa that perform largely
logistical and administrative tasks, such as those involving
payroll, personnel and building matters.
They apparently were able to take advantage of a computer
vulnerability that let them assume powerful administrative
privileges that could have allowed them to change passwords
and delete computer files. Investigators believe they picked
up tips on how to infiltrate government networks from easily
accessible Internet sites that offer "how-to" directions.
The hackers also attempted to leave "trap doors" that would
allow them, or other intruders, to infiltrate the systems
again without detection, Hamre said.
The attack triggered a defensive frenzy. "We went to 24-hour
shifts and kind of created a crisis action team. We had to go
through an enormous amount of effort to protect the computer
systems, and then to monitor them, clean them up," Hamre said.
The breach served as a "wake-up call" that galvanized the
Pentagon and the rest of the administration to significantly
speed up efforts to combat information intrusions.
"It has dramatically accelerated the Pentagon's and federal
government's plans to get on top of this problem," Hamre said.
But before that can happen, the nation has to determine just
how widespread and frequent computer assaults are. Officials
concede they don't have a clue, largely because there is no
overarching monitoring program to detect where, when and how
intrusions occur.
Until the latest breach, the Pentagon -- like other public
and private organizations -- hushed up break-ins for fear of
advertising the vulnerability of the systems and thus
encouraging other, potentially worse attacks.
Now, the strategy is to publicize the problem to alert users
to be more careful and managers more watchful. The Pentagon
also is moving toward installing a cutting-edge "key recovery"
program that would combine encrypted information with a decoding
"key" that would effectively unlock the data only to those
authorized to see it.
The administration also is close to unveiling an executive order
that would require every government office to record and report
cyber-intrusions or attempts. It also hopes to encourage private
industry to do the same, especially because of the vast interface
between government and business systems around the world.
Equally important is for America to realize that a growing
security threat, one that carries the potential for enormous
damage, now looms within the nation's borders.
"It now brings national security home again. We've been so
insulated for the last 50 years. Our national security
challenges were way overseas," Hamre said. "They're now
potentially at home."
Received on Tue Apr 7 12:51:59 1998