Significant Attack Hits DoD Computers

Dec 1, 2008 06:44 PM


Most attacks against Department of Defense systems that we hear about amount to minor attacks on unclassified systems. And while the DoD's network is hammered on 24x7, most of those probes don't get anywhere. Apparently, this attack did.

The Los Angeles Times is reporting that President Bush was briefed on what was described as a "severe and widespread" attacks that may have hailed from Russia.

From the LA Times' story:

Defense officials would not describe the extent of damage inflicted on military networks. But they said that the attack struck hard at networks within U.S. Central Command, the headquarters that oversees U.S. involvement in Iraq and Afghanistan, and affected computers in combat zones. The attack also penetrated at least one highly protected classified network.
Now, a careful reading of the story, along with more than a decade of experience under my belt covering such incidents, tells me that we're not sure of anything. Could the attacks have emanated from Russia? Sure. Could the attacks have originated somewhere else and been designed to look as though they came from Russia? That's plausible, too. Could the attacks have come from a rogue Russian hacker, or are they part of a state-sponsored effort? Either scenario, based on what we know now, is still plausible.

http://www.informationweek.com/blog/main/archives/2008/12/significant_att.html

security systems from the DoD.

(I work for a federal contractor).

Infected U3 software on USB flash drives. All of this software, from all of the companies is suspected and there is a ban across all installations and systems, everywhere, on USB flash drives.

That story does not even scratch the surface of the panic.

Where does all this software come from? China. Looks like, considering that the bulk of the resulting probes of the networks came from the "Usual Suspects" server farms in Russia, that the gangs that usually do this have gone international in scope, or some people are working on cointract to write this malware.

why or why not?

The best thing you can do is with a new USB stick, plug it into a LINUX computer and wipe the software that comes preinstalled on it. Or buy USB sticks that have none of those clever pieces of bullshit on them.

From what I understand, some of this acts as a "trojan dropper" which reaches out to its control servers and downloads and installs other, more malign instrumentalities.

a highly protected classified network in the DoD is actually running Windows based systems that do not have policies to disable all USB media... and allows for auto-run to be enabled on removable drives???

What's more scary.. the lack of policies OR the fact that they are running a piece-of-shit proprietary OS?

OMG... like I mean.. OMG.

You have just hit the nail on the head.

With DoDs budget they aren't running a top secret, specifically designed, American built, OS? That kind of negligence should be criminal.

I would go so far as limiting hardware purchases that will contain any sort of classified information, or be involved in Defense or Intelligence, to those made in the US. If we don't have the manufacturing capability, build it. It is a matter of national security.

Imagine someone taking our computer systems down let's say before a major attack on our troops in Iraq, or wherever? I don't know the exact percentage of capability we would lose, but it would be devastatingly high imo.

gotten into this mess. We would have been able to elect people who actually gave a shit about our government and our country. Instead, we got about 15 years of republican rule in the legislative branch, and the dufus republican presidency when huge strides were being made in computer hacking at the global level.

Fail in the sense of providing security and an accurate vote. At least DoD is trying to protect their system and not hire programers to find ways to leave backdoors, etc.

My God, what's next???!!

Maybe the DoD should send their electronic files and gizmos to India too.

And probably not much more privatised.

Is we might get a little bit of truth of that the DOD is really doing out there.If stuff goes online.

I for one wouldn't mind seeing the real agenda behind the Iraq War or exactly who was involved in torture and similar such things the DOD hides from us for no other reason than it's wrong, illegal or they want to keep maintaining the illusion they are"good people" and duping America into writing them more blank checks for the DOD with a trust us,as they do the black ops,and create blow back..from things the NSA and DOD do that congress isn't even able to review.

that type of transparency into every government's secret departments. But in reality, this would be devastating to the American people... The people would take the blame and witness the fallout from the rest of the world and not the individuals responsible for the mess.