Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Security United States IT

Crackers Cause Pentagon to Put Computers Offline 260

Anarchysoft writes "As many as 1500 Pentagon computers were brought offline on Wednesday in response to a cyber attack. Defense Secretary Robert Gates reported of the fallout both that the attack had 'no adverse impact on department operations' and that 'there will be some administrative disruptions and personal inconveniences.' When asked whether his own e-mail had been compromised, Gates responded, 'I don't do e-mail. I'm a very low-tech person.'"
This discussion has been archived. No new comments can be posted.

Crackers Cause Pentagon to Put Computers Offline

Comments Filter:
  • by pipingguy ( 566974 ) * on Friday June 22, 2007 @01:18AM (#19604867)
    I recommend a less-crumbly type of snack, like carrot sticks or celery. Dip is right out.
  • by zaunuz ( 624853 ) on Friday June 22, 2007 @01:19AM (#19604879)
    ...that the hairdresser's hair is the one with the ugliest haircut.
  • by stox ( 131684 ) on Friday June 22, 2007 @01:31AM (#19604963) Homepage
    That hacker will never figure out what to do with the launch codes to the continental ICBM inventory. On the other hand, can you imagine a nuclear attack being started from an iPhone?
    • Re: (Score:2, Funny)

      by Anonymous Coward
      or from a young man and his computer playing a simple game of Tic-Tac-Toe
    • I agree. Hackers today are not ParMasters of yesteryears.
      I guess they were just looking to recruit more zombies for their credit card scams and by mistake they stumbled upon the DoD unsecure network.
      Heck, half the jokers (who call themselves hackers) can't even expand the acronym ICBM in full. And i bet $100 that one of the words in their expansion would be either International or Business.

      The DoD is fretting unnecessarily.
      A whole generation has already been dumbed down by McDonalds, Pepsi and KFC, not to
      • Re: (Score:2, Insightful)

        by kdemetter ( 965669 )
        ICBM : Intercontinental ballistic missile .

        you may donate that $100 to EFF http://eff.org/ [eff.org] :-)

        on a more serious note though : just because they can't use the codes , doesn't mean there is no threat in it .
        In matters like this , it's better to be paranoid . If thisq can happen , they are not paranoid enough .
    • Re: (Score:2, Funny)

      by Anonymous Coward
      The launch codes are easy to figure out. The hard part is working out which TLA (three letter acronym) correlates to the correct MLS (missile launch system) for FTN (firing the nukes).
  • by Actually, I do RTFA ( 1058596 ) on Friday June 22, 2007 @01:32AM (#19604971)

    Gates responded, 'I don't do e-mail. I'm a very low-tech person.'"

    Actually, this makes Gates sound stupid but as a general rule don't put sensitive information on computers connected to the internet. The best security is not having the damn wires there in the first place. At the top levels of government, where nation-states are trying to install spyware, intercept and decrypt your packets, and otherwise penetrate your defense, maybe having one of a thousand aides sneakernet it is a good solution.

    • by Icarus1919 ( 802533 ) on Friday June 22, 2007 @01:35AM (#19604991)
      You're right, nothing could ever go wrong having someone physically carrying a message.
      • If that's the kind of management ethos the Sr Brass has...

        It explains a lot, doesn't it?

        • by BrokenHalo ( 565198 ) on Friday June 22, 2007 @04:42AM (#19605859)
          It explains a lot, doesn't it?

          For once, I'm with him.

          Email is often ignored these days - in fact, its principal virtue seems to be the fact that it is so easy to ignore until such time (if then) as it suits you.

          Mr Gates probably gets more done (as do I, in fact) by picking up the phone.

          • Re: (Score:2, Funny)

            by Anonymous Coward

            Mr Gates probably gets more done (as do I, in fact) by picking up the phone.
            Is that before during or after reading /.?

          • Re: (Score:3, Insightful)

            by bstempi ( 844043 )

            Mr Gates probably gets more done (as do I, in fact) by picking up the phone.

            This approach only works when you're at the top of the food-chain. Everywhere I've worked, the corporate culture has always emphasized "covering one's ass" more than actually doing business.

            For instance, PHB gives a subordinate an assignment and asks for X, Y, and Z. The subordinate then delivers X, Y, and Z. PHB then finds out that he fsked-up the requirements (because he's a PHB). Instead of taking the blame, his first inst

          • by misanthrope101 ( 253915 ) on Friday June 22, 2007 @10:40AM (#19608179)
            For me, its principal virtue is that it serves as a record of what I actually said, and what was said to me. I want taskings and requirements in writing. I'm okay with them changing, as long as I have a record of what I was originally asked so we can track the change in objectives.

            I have waaaaay too many memories of supervisors saying "I never said that." Of course, I still have supervisors who want every encounter face-to-face, ostensibly because they feel that email is impersonal. Guess which supervisors have rather flexible memories when it comes to what they did and didn't say to me?

            I'll even type up what we discussed right after the meeting and pass it by them to "make sure I understood," and they just reply with "see me." But I push for written records as often as I can. Only weasels and illiterates hate email.

      • At least when something goes wrong with a sealed message sent over the sneakernet, you'll know that something has gone wrong.
        Encryption isn't common in the current internet. And it is possible for someone to copy data and leave hardly any trace that it was copied.
        "Copyright infringement isn't theft." Is copying another state's secrets theft if the original copy of the secrets is still in the original computer?
        • by Anonymous Coward on Friday June 22, 2007 @05:19AM (#19606013)
          "Copyright infringement isn't theft." Is copying another state's secrets theft if the original copy of the secrets is still in the original computer?

          No, that's still not theft. That's espionage.
        • What has this got to do with copyright infringement? If you "steal" state secrets they don't go after you for copyright infringement. You're more likely to face charges along the lines of treason.

          Besides, the whole point of state secrets is that they are, well, secret. By copying them, you're taking away the secrecy, their key value, so it has even less to do with "copyright infringement", where it's not argued you are taking such a value away, just taking away a possible chance of making money from the cop
        • You can still copy a letter/document and leave the original. Photo, scanner, photocopier. Just because its not digital doesnt mean it cant be copied leaving the original intact.
        • I really hope none of your + mod points came from this:
          ""Copyright infringement isn't theft." Is copying another state's secrets theft if the original copy of the secrets is still in the original computer?"

          If they did, both you and the moderators need taken out and shot.
          No?..then nevermind.

          But if you are anywhere near trying to be serious with this one, crawl back in mom's basement...you aren't done yet.

          This will not get you into a copyright or theft problem...this gets you stood in front of firing squads,
    • on his VCR must get on his nerves. Does anyone really believe that he is being honest about his lack of technical aptitude? I believe that about as much as I believe that George Bush didn't know the difference between a Shiite and a Sunni. Gates may or may not do email, but nobody will successfully subpoena any of it. He is jerking you off, folks.
      • Exactly, it's his own arse he is protecting nothing at all to do with state secrets or technical ineptitude, or as Bill Cosby one put it: "It takes a genius to act that dumb".
    • by Belacgod ( 1103921 ) on Friday June 22, 2007 @02:56AM (#19605427)
      In 1914 General Joffre, commander of the French forces, refused to use the telephone, claiming he "didn't understand the mechanism." Therefore he spent hours driving back and forth to the British army headquarters in the middle of a desperate campaign to stop the Germans. It is believed that he feared his words being recorded on the other end without his knowledge.
    • by Divebus ( 860563 ) on Friday June 22, 2007 @03:28AM (#19605565)

      The best security is not having the damn wires there in the first place.

      Ahhh yes... the air-gap firewall - works better than anything.

      I'm sure Cisco has one for $40,000 they can sell the DHS (empty box with two RJ-45s). They need it. [slashdot.org]

      • Re: (Score:3, Interesting)

        by rikkards ( 98006 )
        I am 100% sure that they do separate the classified info (i.e secret and above) from the normal everyday workings. Whether there is a physical disconnect or hardware encryption tunneled in nonclassified lines, I don't know.
      • by commodoresloat ( 172735 ) * on Friday June 22, 2007 @06:34AM (#19606237)

        The best security is not having the damn wires there in the first place.
        Exactly. Wi-fi is the only safe way to transfer information safely. Get rid of the wires and we can all relax. And if you can't have wireless, at least make sure there's more space than a nomad. What were we talking about again?
    • He seemed perfectly fine letting people talk about secret military matters on their insecured wireless crackberries.
    • by Karrde45 ( 772180 ) on Friday June 22, 2007 @04:10AM (#19605711)
      Gates calling himself low tech is most likely an attempt to deflect further questions. It was well known in his time at Texas A&M that he would personally respond to many emails from students, and as he was leaving the university he made it known that he frequented a popular aggie message board. http://www.texags.com/main/forum.reply.asp?topic_i d=768382&forum_id=5 [texags.com]
      • by MollyB ( 162595 ) *
        I find it remarkable that moderators have ignored this Informative comment. It should be seen by more people, imo.
    • I would much rather trust in a good strong encryption than something as easy to loose/copy/show to someone/etc as simple PAPER.

      I think you read too much into the phrase, if you were right he would've said something as "I dont put sensitive information on computers connected to the internet" instead of the much stupider "i don't do email" Not doing email today is like not doing faxes 20 years ago, as telex was a bitch. Not secure enough is an ignorant reply, specially coming from the guy briefing the preside
    • by gruntled ( 107194 ) on Friday June 22, 2007 @04:59AM (#19605931)
      As a general rule, sensitive information is already prohibited on military computers that are connected to the Internet. If you've ever seen an office in, say, the Department of Homeland Security, you'll notice that they have two or even three systems on each desk; that's because none of those computers are connected to each other. Computers that can touch the Internet can't have anything sensitive on them; computers that might have something sensitive on them can't touch the Internet.
  • Not sure if you call fireworks crackers [acmefireworks.com.au] in the USA, but its the 1st thing I thought when reading the subject.
    • In Canadian English, and presumably American, small fireworks are called firecrackers.

      In Australian, isn't "cracker" slang for something or someone good?

  • Uh oh (Score:4, Funny)

    by A beautiful mind ( 821714 ) on Friday June 22, 2007 @01:46AM (#19605047)
    Another slashdot meme in the making?

    "I don't do $technology, I'm a very low-tech person."
  • by Dirtside ( 91468 ) on Friday June 22, 2007 @01:48AM (#19605065) Journal
    Scene: Secretary Gates's office - dawn

    A PERSISTENT BEEPING breaks the stillness.

    SECRETARY GATES stumbles in from an adjoining room, bleary-eyed. Another all-nighter of trying to keep the world safe for democracy.

    SECRETARY GATES: What the blazes is it now?

    He picks up his Big Red Phone.

    SECRETARY GATES: Gates here. What is it?

    TECH #1: Sir! This is Collins at Central. We've got a situation -- massive DOS, widely distributed. One of the worst yet.

    SECRETARY GATES: Damn! Tell me it's not--

    TECH #1: Bad news, sir. It's your brother.

    BILL GATES: Mwa ha ha ha!

    SECRETARY GATES: Curse you, Bill! What infernal scheme have you cooked up now?

    BILL GATES: By making Windows insecure and ensuring its worldwide adoption, I now have an army of millions of zombie computers at my disposal! I will instruct them to PERMANENTLY destroy your computer network unless you pay me... <pinky>one hundred BEEEELLYON dollars!</pinky>

    SECRETARY GATES: But... you already have billions of dollars!

    BILL GATES: Yes, but Mother always liked you better, so now I'm overcompensating. Top of the world, ma!

    JAMES CAGNEY'S GHOST: Cut that out!
  • by kungfoolery ( 1022787 ) <kaiyoung.pak@gmail.com> on Friday June 22, 2007 @02:07AM (#19605169)

    I could think of a million important questions to ask in a situation like this if I were a reporter:

    "What specific systems were attacked?"

    "Do we have an idea as to who the attackers were? Al Queda? The Chinese?"

    "Were any intelligence reports lost? What steps are being taken to ensure the safety of individuals whose data may have been compromised

    etc, etc, ad naseum....,

    Instead, we get a single insipid question pondering the Secretary of Defense's private email habits and his moderately disturbing technophobic response. Sheesh.

    • by Anonymous McCartneyf ( 1037584 ) on Friday June 22, 2007 @02:53AM (#19605413) Homepage Journal
      The fine article is originally from the AP, which I don't trust if there is anyone else covering the story. It is also simply covering a press briefing from the Pentagon.
      Important questions were asked, but the Pentagon simply didn't answer most of them.
      What specific systems? All we know is, the DoD Blackberries didn't get hit by this particular attack. We're also told that the Pentagon systems are attacked all the time.
      If the Pentagon systems are attacked all the time, then it's likely not an easy task to determine who launched any specific attack. Al Qaeda, the Chinese government, a Chinese cracker working on his own, a mindless virus--who knows?
      Whether any intelligence reports were lost or copied is likely classified itself. If the cracker doesn't know whether what he has, or what he destroyed, is valuable, then why should our government tell him?
      We're talking about the Department of Defense, remember. They likely don't care about the safety of the individuals whose data was compromised. They had to compromise those individuals themselves to make their intelligence reports!
    • Re: (Score:3, Insightful)

      by smurfsurf ( 892933 )
      > his moderately disturbing technophobic response

      You can argue that a person in his position does not have to deal with email. Communicating face to face or by phone is better suited to the job, allows for better relationship building. Any email (requests, reports, document distribution et al.) will be handled, filtered (and dealt with where possible), and presented to him by his admin anyway. He probably gets the remainder printed out, so be it.
  • by ZWithaPGGB ( 608529 ) on Friday June 22, 2007 @02:54AM (#19605417)
    Shouldn't it be the other way around?
    There's nothing of substance in the article.

    My guess is this was related to the MPACK issue [dshield.org], but us nerds knew about that over the geekend.
  • by xhydra ( 1083949 ) on Friday June 22, 2007 @02:56AM (#19605425) Homepage
    Employees whose computers were affected could still use their 'handheld BlackBerries'. OMG that means hackers compromised the Desktop Blackberries
  • by venomkid ( 624425 ) on Friday June 22, 2007 @03:07AM (#19605483)
    It's hacker, okay? Hacker. When someone is able to write code to get a computer to do something awesomely good, that person is a hacker. When someone manages to get a computer to do something is awesomely evil, that's also a hacker. If someone builds a spice rack for Gandhi, or a spice rack for Stalin, they're still both carpenters. Trying to frontload the term with your own moral judgment is just a little too newspeak for me.

  • As many as 1500 Pentagon computers were brought offline on Wednesday in response to a cyber attack. Defense Secretary Robert Gates reported of the fallout ... that the attack had 'no adverse impact on department operations'...

    What in Hell are those guys doing if taking 1500 'puters off line doesn't affect operations? Should those 'puters even BE on-line then?

    *shakes head*

    --Tomas

  • by Shohat ( 959481 ) on Friday June 22, 2007 @03:19AM (#19605539) Homepage
    Now, every other person online will mock him for not knowing how to use email, and being "low tech".
    There is no reason why a person should use such new technology, when most of you probably spend all your time sitting of furniture you have no idea how to build (most have no idea how to build a chair that lasts a week), spend a life inside a home with no understanding of architecture or even the most basic ability to alter your surroundings, no ability to fix a broken toilet, repair a frozen refrigerator, fix a broken washing machine, or just replace a window in your house with a new one. And these are things that people live with from their early childhood, unavoidable parts of everyone's lives."Low tech" so to speak.
    But when a person doesn't use email? OMG ROFL ROFL ROFL WHAT A DUMBASS NEWB.
  • by crucini ( 98210 ) on Friday June 22, 2007 @03:19AM (#19605543)
    Quite a few posters here seem to think Gates is a fool for not using email. To me, that shows an inability to understand his role. He's not a sysadmin or middle manager; he's the head of a huge federal agency. To me, that implies:
    • He's very busy.
    • He has too many documents to read, and too many meetings to attend.
    • He's supported by able subordinates whose only goal is to increase his effectiveness.
    • Someone else keeps his schedule.
    • Someone else types any emails or memos from his office.
      What could someone like that gain from personally using email?

      Actually, I wonder how many CEOs use email.
    • by Kadin2048 ( 468275 ) * <{ten.yxox} {ta} {nidak.todhsals}> on Friday June 22, 2007 @04:08AM (#19605701) Homepage Journal
      About CEOs, based on rumors and wild speculation, I've heard that Michael Dell does indeed use email, and does it pretty much directly. This is why he has to change email addresses pretty frequently, whenever it becomes known to the wider world and they start sending him hatemail / penis enlargement ads / technical support questions.

      In contrast, some other CEOs have catchy, widely-published email addresses, and I can only assume whole staffs of people to read their Inbox and sort the wheat from the chaff. Sam Palmisano (CEO of IBM) used to have an address that was like "sam@ibm.com" or something like that. I thought it was kinda cool, but then realized that anyone sending an email there, thinking a CEO is actually going to read it, is on as much crack as someone who writes to their Senator and doesn't realize that it's going to be read and filed by some unpaid summer intern.

      Anyway, although I've never gotten to use them, most of the big corporate email suites (Exchange, Notes, etc.) have features that allow for 'delegation' of people's email boxes to secretaries and assistants. So an executive can have their own address but route all the mail coming into it to an assistant, who can sort through and pass stuff along appropriately. And that's for executives that do any of their own email.

      Doubtless, at the very high end of the power ladder, there are people whose time is just so valuable that it's wasteful to ever have them sitting and typing at a keyboard -- it's cheaper to have a well-paid executive assistant actually read, summarize, note the desired response to, draft, and present for approval the responses to, all incoming messages. Whether most CEOs do that I don't know (I suspect not too many, anymore), but I bet that a lot of high-ranking government officials do it that way.
    • by Shohat ( 959481 )
      I know for a fact that the Owner/President(not the CEO) of the company I work for, doesn't use email. The man is smart, rich, and an accomplished Mechanical Engineer, simply doesn't have a computer at any of his person offices (in the multipe factories that belong to him)
    • I don't buy that.

      Execs like to save time, and email is ASynchronous Communication, whereupon the message is still there 6 hours later after your eleven meetings. Even if he has an army of bees to assist, it's still his email.

  • Found them (Score:2, Informative)

    by xhydra ( 1083949 )
    ICBM launch codes found on torrent site. http://www.torrentspy.com/torrent/ICBM_Launch_CODE S_TXT_Istorrent_74542 [torrentspy.com]
  • by TransEurope ( 889206 ) <eniac.uni-koblenz@de> on Friday June 22, 2007 @03:26AM (#19605563)
    That's the question.

    The CIAs and NSAs operations are totally secret, maybe they attacked a cybertarget before, and that's the just a counterattack. That's a widely known strategy to control the media. The public thinks their countries computers are attacked by evil guys from whereever because they can't link that event to the secret event done by their own secret service before. So the (counter)attacker looks more wvil ("Hey, why do they hate us???") and the government can use this to raise the fear of the people. Also the computer guys from the services can demand more money for defense of the countries networks.

    You shouldn't believe everything the secret services (of any country) make public. Especially when they make something public ;-)
  • Ppl remember Gary McKinnon?
    Perl script, default passwords and a modem.

    http://en.wikipedia.org/wiki/Gary_McKinnon [wikipedia.org]

  • According to some reports, the crackers say they were driven to desperate measures. "We had to go this far because they just weren't listening to our concerns. How much more of being spread with this soft, white mush should we tolerate? Is a decent Cheddar so much to ask for?!"
  • cracker? (Score:3, Funny)

    by chenjeru ( 916013 ) on Friday June 22, 2007 @05:14AM (#19605989)
    How did they know it was pasty white guys?
  • He has used email (Score:4, Informative)

    by Nyeerrmm ( 940927 ) on Friday June 22, 2007 @06:03AM (#19606171)
    Just FYI, I would guess that the 'I don't use email' statement is mostly tongue-in-cheek, with a mode of truth (e.g. his secretary handles most of the actual process.)

    As a student at Texas A&M University (where Dr. Gates was president until 6 months ago,) he communicated with the student body regularly via email, and in fact that was how I first learned of his nomination as Secretary of Defense.
  • by asphaltjesus ( 978804 ) on Friday June 22, 2007 @09:42AM (#19607417)
    This story is exactly why most governments don't particularly want an internet where upload bandwidth is the same as download and there's a reasonable possibility for anonymity. "Cracker" stories like this start appearing more frequently with the same amount of non-information below the headline. As another post mentions, there are few if any facts.

    The U.S. government is preparing to legislate the end of the Internet as a democratizing force by turning it into a content delivery mechnanism. But they can't legislate without preparing public opinion. My bet is TPM is sold as a safety feature to protect us from "cracker stories" like this. After all, if you aren't a bad guy then it should be no problem right?

    Even if I'm dead wrong, (and I might be) recent political history is full of examples where news events is at worst fabricated, at best spun to justify all kind of crazy agendas.

Variables don't; constants aren't.

Working...