Reply From: The Dodger <dodger@2600.com>
>> Bah! Clicked 'Send' instead of 'Save' last time... <<
>Let me see if I get this straight. An NBC News report says a conspiracy
>of at least 15 professional "cyberterrorists" scattered around the globe
>failed to obtain classified U.S. military data after launching a
>coordinated assault?
I don't see any reason to assume that there is more than one so-called
"cyberterrorist". If we accept John Green's definition of a 'coordinated
attack' in Peter Wayner's article ("Hacker 'Attacks' on Military Networks
May Be Closer to Espionage"), then I, for one, understand the phrase to
mean "a hacker or group of hackers working together, from a number of
different computer systems worldwide".
In other words - if I want to orchestrate a 'coordinated attack' on
the Pentagon, I hack into a dozen different systems, from .edu to .jp and
use those systems to launch the attack.
As Steve Northcutt says - "..how many people are driving it [the
coordinated attack] is not clear."
>Numerous reporters have described the exploits of pimple-faced brats who
>regularly download top-secret nuclear codes, information on covert troop
>deployments, and personnel medical records. Indeed, NBC's own reporters
>spoke to at least two defense sources who discussed the contents of a
>"top-secret intelligence document written in 1996." Given all this
I think that the 1996 document was probably referring to efforts by France
and Israel's intelligence agencies to conduct espionage against the United
States by hacking into US computers, as opposed to attempts by those
countries, or "cyberterrorists" based in those countries, to launch an
information warfare attack on the United States.
There is a subtle (but important) difference between hacking into
computers so you can pull information off them (i.e. intelligence
gathering) and probing them as a precursor to launching an information
warfare attack to crash/disable them. France is well-known in Europe for
its slightly ruthless and mercenary attitude towards National Security,
and it wouldn't surprise me in the slightest to discover that they were
attempting to obtain commercial intelligence from the US by using cracking
techniques. After all, the US had a couple of people expelled from France
a few years back after they tried to bribe French officials involved in
the GATT negotiations to provide them with inside info on the French
negotiating position (or something along those lines). As for Israel, I
continue to find it absolutely hysterical that the United States gives
grants or something like $2bn each year to a country which (a) is a
right-wing religious nation-state (not all that different from Iran,
really), (b) has an atrocious human-rights record, and (c) has a long
history of spying on America. Someone's being played for a sucker and
it's not Israel.
>openness and sharing of classified information, I find it difficult to
>believe a worldwide cyberterrorist conspiracy failed to obtain any
>classified data.
I suspect that, whilst classified information is kept on a physically
separate network (e.g. SIPRNet), it's highly likely that data on
unclassified networks can be relatively easily gathered and, if analysed
properly, could yield conclusions which would, in themselves, be regarded
as classified data.
Let me illustrate what I mean with an example:
The Government decides to launch a secret manned mission to Mars. All
information regarding the mission is classified "Top Secret" or whatever,
and the computers which hold any data relating to the mission are kept on
a separate network. An astronavigation expert who lectures on the subject
at MIT and a spaceship designer from the JPL are attached to the project
as part-time consultants - i.e. they spend part of their time at the 'Top
Secret' site, and the rest of the time doing their normal jobs.
At some point, an issue concerning the life support system arises and one
sends the other an email with references to oxygen tanks, carbon dioxide
levels and the Lagrange point which lies between Mars and Earth. Someone
who is aware that one or both of the individuals involved are doing some
part-time work that they can't talk about, intercepts the email by hacking the
mail server at either JPL or MIT, reads it, and draws the conclusion that
a manned mission to Mars is being planned.
Now, obviously, this is straying away from the realm of info security from
a technical point of view, and into general loose-lips-sink-ships-type
security, but ignoring the "soft" or human element in any security setup
is something one does at one's peril.
The Dodger
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Received on Mon Mar 15 10:49:44 1999