[Internet news from Wired News. Read the latest Internet news stories, scan technology news headlines. Wired News also provides cyber-culture and political news about the wired world]
                               Have Crackers Found Military's
                               Achilles' Heel?
                               by James Glave

                               12:27pm  21.Apr.98.PDT

                               In what may be one of the first
                               demonstrations of the potential
                               of cyber warfare, an
                               international cracking group
                               claims it has stolen a suite of
                               programs used to run classified
                               US military networks and
                               satellites.

                               The group, calling itself
                               Masters of Downloading, or MOD,
                               said in a statement that it had
                               stolen the software -- the
                               Defense Information Systems
                               Network Equipment Manager (DEM)
                               -- from the Defense Information
                               Systems Agency, the branch of
                               the Defense Department in charge
                               of classified computer networks.

                               "This may help you to realize
                               the reality of the threat of
                               information warfare against the
                               United States of America, as
                               well as the DEM software's
                               obvious value to certain global
                               organizations and individuals,"
                               said the statement, which was
                               supplied to Wired News by an
                               anonymous representative of the
                               group.

                               The statement detailed the
                               capabilities of the DEM
                               software, and was accompanied by
                               a number of image files that
                               depicted the program's
                               interfaces. The software's
                               authenticity was confirmed by
                               John Vranesevich of the computer
                               security site AntiOnline.
                               Vranesevich said he obtained a
                               copy from MOD last Thursday and
                               tested it after first unplugging
                               his computer from the Internet.

                               Vranesevich, who has tracked the
                               computer underground for five
                               years, said that the theft of a
                               classified network control
                               program pointed to a threat far
                               more serious than the routine
                               Web server intrusions of recent
                               months.

                               "This is one of the first times
                               we've seen a group of hackers
                               whose goal was not to commit
                               acts of Internet graffiti by
                               defacing low-security Web pages,
                               but [instead] to actually
                               target, plan, and retrieve
                               software suites designed for
                               military use," said Vranesevich.

                               Last month, Vranesevich was the
                               first to interview Ehud
                               Tenenbaum, the Israeli teen at
                               the center of a federal
                               investigation into widespread
                               attacks on US military computer
                               systems. But those attacks pale
                               in comparison, he says.

                               "[The deliberate theft of
                               classified software] puts this
                               group on a whole other playing
                               field," said Vranesevich, who
                               added that the group is
                               comprised of 15 individuals,
                               including eight Americans, five
                               Britons, and two Russians. The
                               group is not affiliated with
                               Tenenbaum, known as the Analyzer.

                               MOD said that the software is
                               used to remotely monitor and
                               manage military computer-related
                               equipment, including routers,
                               repeaters, switches, military
                               communication networks, and GPS
                               satellites and receivers. The
                               suite's top-level interface is
                               designed to "manage all the
                               computer-related equipment used
                               by the United States military,"
                               the statement read.

                               With the DEM software, the group
                               claims, the entire Defense
                               Information Systems Network
                               could be shut down for a period
                               of time. "This is definitely not
                               a good thing for the United
                               States military, as they depend
                               heavily on their computer
                               systems and networks to quickly
                               share data and information from
                               anywhere in the world," the
                               statement said.

                               MOD went into detail over two
                               particular software components,
                               one of which allows a user with
                               access to monitor or shut down
                               T1 links used by the military.
                               The other program concerns
                               Global Positioning System
                               satellites, which are used to
                               establish precise coordinates
                               for weapons targeting and the
                               navigation of commercial
                               aircraft.

                               "Although the DEM software
                               cannot be used to send data to
                               the GPS satellites, it can be
                               used to track the satellites and
                               pinpoint their exact
                               whereabouts, as well as the
                               frequency ranges they use and
                               other operational information,"
                               said the MOD statement.

                               MOD claims it first obtained the
                               software in October 1997 but did
                               nothing with it at first, to be
                               sure that they were not being
                               tracked.

                               Although the Defense Information
                               Systems Agency public affairs
                               office declined to comment, a
                               mission statement on the
                               agency's Web site clarifies its
                               role within the Department of
                               Defense: "DISA will be the
                               preeminent provider of
                               information systems delivery
                               support to our warfighters and
                               others as required by the DoD,
                               under all conditions of Peace
                               and War."

                               MOD members were not immediately
                               available for comment, either,
                               but in an interview with
                               Vranesevich last Friday, group
                               members said their intentions
                               were not hostile.

                               "We have the power to do so, but
                               at this time we have no
                               intentions to launch such a
                               [network] attack," a member told
                               Vranesevich. Another member also
                               told Vranesevich that he had
                               obtained a separate piece of
                               software used to communicate
                               with submarines.

                               Gene Spafford, director of the
                               Computer Security Research
                               Center, COAST, said that the
                               intrusion, if true, didn't
                               surprise him.

                               "I don't think anyone who is
                               familiar with government
                               security has ever believed it to
                               be as secure as claimed,"
                               Spafford said.

                               Spafford added that he was not
                               familiar with DISA systems, but
                               that any distributed system is
                               vulnerable, and that many
                               government systems are
                               configured "for convenience and
                               not need."

                               The group claimed that they
                               stole the software from a
                               Windows NT server at DISA, and
                               that about 30 individuals
                               worldwide presently have copies.

                               "When you have a system that is
                               distributed such that others can
                               manipulate it, you open it up to
                               not just security problems but
                               also erroneous operations,"
                               Spafford said. "[You get] people
                               who don't have training and [you
                               get] accidents. It is a standard
                               systems design question."

                               In an interview with
                               Vranesevich, the group offered
                               some network security advice for
                               the US government.

                               "It's simple: take all
                               [classified] military systems
                               off the Internet, place only
                               [unclassified] Web servers on
                               the Internet [and] keep the rest
                               on a purely internal network,"
                               the MOD member said.

                               Copyright © 1993-97 Wired
                               Ventures Inc. and affiliated
                               companies.
                               All rights reserved.