Pentagon attack last June stole an "amazing amount"

[Resinence]

Ars Technica

On June 22, 2007, Defense Secretary Robert Gates acknowledged that the Pentagon's network had been successfully attacked the previous Wednesday, and that this attack was responsible for a disruption in email service to some 1,500 Pentagon employees. At the time, Gates downplayed the attack, saying that it affected only the OSD's (Office of the Secretary of Defense) non-classified e-mail service and that there was "no anticipated adverse impact on ongoing operations." It seems that the adverse impact of the June attack may have been much greater than Gates' early guidance implied. According to a top DoD technology official quoted at GovernmentExecutive.com, the thieves behind that attack seized an "amazing amount" of data.

New details on the attack itself have become available in the months since it occurred. According to Dennis Clem, CIO of the Pentagon and the OSD, the intrusion was first detected during an IT restructuring that was underway at the time. By the time it was detected, malicious code had been in the system for at least two months, and was propagating via a known Windows exploit. The bug spread itself by e-mailing malicious payloads from one system on the network to another. The messages themselves were spoofed and appeared to be legitimate missives from other employees. Once the recipient opened an infected e-mail, the worm sent that person's password and other login credentials back to home base.

The government isn't saying what, exactly, got stolen. There's no evidence to contradict Secretary Gates' claim that the classified e-mail system remained unaffected, but data that Clem describes as "sensitive" was accessed and encrypted before being transmitted to the hackers' location. As for where that location might be, unconfirmed reports point towards China's People's Liberation Army. China, of course, has vehemently denied any knowledge or responsibility. The Pentagon has stepped up its network protection since the intrusion, and added additional protection in the form of smart cards and digital signatures. Such security measures are the ultimate example of closing the barn door after the horse is gone, but should at least make further intrusions more difficult.

Looks like I was right about it spreading via the internal email system, wonder if it was really China, safe bet? "Sensitive Information"... gogo yet another vague press release.

[irishmick79]

I think it was probably China - I've gotten to know a few guys in Naval Intelligence and they're convinced that the Chinese are attacking DoD computer systems daily. Now I have no idea what they're being told to make them believe that, but I don't have a problem with thinking that the attacks are probably more significant than the DoD would care to admit. Probably why the press releases about it are so vague.

[Shroom Man 777]

Why can't the US just counterattack and kill China's internet or something? Fuck them.

[Singular Intellect]

Why can't the US just counterattack and kill China's internet or something? Fuck them.

You realize that China's economy would be directly affected by such an attack and would have world wide repercussions?

[Shinova]

Maybe we could just do something annoying like infect their systems with a spam bug of some kind.

[Shroom Man 777]

Why can't the US just counterattack and kill China's internet or something? Fuck them.

You realize that China's economy would be directly affected by such an attack and would have world wide repercussions?

Well, maybe that was an exaggeration. But how about like a DoD counterattack on the PRC's military computer network as well?

[Covenant]

Why can't the US just counterattack and kill China's internet or something? Fuck them.

You realize that China's economy would be directly affected by such an attack and would have world wide repercussions?

Well, maybe that was an exaggeration. But how about like a DoD counterattack on the PRC's military computer network as well?

Maybe they could hire the superhackers over at 4chan to blow up some vans or something. I don't think a cyberwar would be pretty, or effective, but I'm suprised the pentagon is so absolutely backwards about this. Seriously, how hard would it be to clean this up? Given enough money, couldn't we retool the pipeline to make this less simplistic?

[Jadeite]

I'd bet we are. The public would never know of it though. The Chinese military wouldn't admit to anything that'd look like weakness, and the US certainly won't say what its up to.

[Sea Skimmer]

The US has been the world leader in electronic warfare since the last two years of WW2; I’d find it hard to believe that we don’t have the internet our military freaking invented covered in terms of having an offensive capability. Its certainly not like they couldn’t easily be funding that out of the 40+ billion per year in the DoDs black budget.

[KlavoHunter]

Why is it so hard to operate a physically separate network from the rest of the internet, for shit you want to stay inside the Pentagon?

[Chris OFarrell]

Humans.

Its that simple.
You can set up a magnificent dedicated high speed internal intranet which is physically separated from anything that has ANY chain connection to the internet (and IIRC the DOD HAS set up such a network).

But 9 times out of 10, human users will get so fed up with the 'bother' of having to use separate systems that they'll just dump their work onto their 'normal' computers and bingo...

[Shinova]

The US has been the world leader in electronic warfare since the last two years of WW2; I’d find it hard to believe that we don’t have the internet our military freaking invented covered in terms of having an offensive capability. Its certainly not like they couldn’t easily be funding that out of the 40+ billion per year in the DoDs black budget.

Then again, incidents like this one make you doubt whether the department's actually competent enough to do something like that.

[Edi]

The US has been the world leader in electronic warfare since the last two years of WW2; I’d find it hard to believe that we don’t have the internet our military freaking invented covered in terms of having an offensive capability. Its certainly not like they couldn’t easily be funding that out of the 40+ billion per year in the DoDs black budget.

With people like this running it? You have got to be kidding. The comments section on what some of the probable causes of this fuckup are is also fairly enlightening if you have the patience to read through them.

[Pint0 Xtreme]

For some reason, I keep on envisioning a bunch of Chinese hackers gathering in one area hacking away CnC:Generals style.

[Wicked Pilot]

Why is it so hard to operate a physically separate network from the rest of the internet, for shit you want to stay inside the Pentagon?

Go look up SIPRNet and maybe next time the topic comes up you won't look like a moron.

[ray245]

Hmm...I wonder what makes china so good in computer technology...well in terms of hacking anyway.

Moreover, how did the internet population in china get so large as well in such a short amont of time...

[Lonestar]

Why is it so hard to operate a physically separate network from the rest of the internet, for shit you want to stay inside the Pentagon?

There is one(several, in fact) you choad. The stuff that is being attacked is annoying, but not exactly vital.

[Lonestar]

aaannndddd WP beat me to it.

[Paolo]

Why is it so hard to operate a physically separate network from the rest of the internet, for shit you want to stay inside the Pentagon?

Because that ignores all the information the Pentagon wants to hold close to the vest yet must share with people, units and organizations around the country and the world. For example, Trident guidance data collected after deterrence patrols is electronically shared over VPN between the group command, Pentagon, and Draper (the private sector lead on the Trident guidance life extension program).

[The Yosemite Bear]

speaking as one of the several thousand autodailers that attempted the LAST concentrated DOS attack on the PRCs computers, that sort of activity is just plain destructive, besides last time I checked the Military Industrial Complex is less able to motivate the script kiddies nessesarry for the "Manpower" for such an attack as is "4chan".....


.... not to mention, they've upgraded their system a LOT since every comp. science department in the US and Canada pinged them in '89, over something that gets killfiled by the PRC constantly....

[Pelranius]

Considering how lousy general Chinese computer security is, anyone who wants to go poke around the Pentagon is probably going to rout through China. It's not as if the MSS is going to make info requests from Pentagon inquiries a top priority, anyways.