Inside the Secret War Against Internet Spies

ahess247 brings us a lengthy BusinessWeek story on the increasing amount of attacks against the US government's online presence as well as its contacts in the private sector. Hackers are gaining a greater awareness of where valuable data might reside, and that awareness is leading to more precise, more sophisticated attacks. Quoting: "The U.S. government, and its sprawl of defense contractors, have been the victims of an unprecedented rash of similar cyber attacks over the last two years, say current and former U.S. government officials. 'It's espionage on a massive scale,' says Paul B. Kurtz, a former high-ranking national security official. Government agencies reported 12,986 cyber security incidents to the U.S. Homeland Security Dept. last fiscal year, triple the number from two years earlier. Incursions on the military's networks were up 55% last year, says Lieutenant General Charles E. Croom, head of the Pentagon's Joint Task Force for Global Network Operations. Private targets like Booz Allen are just as vulnerable and pose just as much potential security risk. 'They have our information on their networks. They're building our weapon systems. You wouldn't want that in enemy hands,' Croom says. Cyber attackers 'are not denying, disrupting, or destroying operations--yet. But that doesn't mean they don't have the capability.'"

You PWN3D my Empire!

[Jeremiah Cornelius (137)]

Funny, Booz Allen might like to take a leaf from the Northrop-Grumman playbook and charge the Chinese for this information!

Let's get this straight.

Northrop-Grumman or General Dynamics or any D.o'D. approved private contractor can post anything they like about future combat systems on their websites, and even sell secret weapons systems to Saudis or the UAE or anyone else who can buy, but for anyone else to do it is an infringement of national security.

Also, the private contractors can preferentially hire non-nationals, who work diligently and are key to the development of these systems, instead of American citizens who might be disturbed at the nature of what the private contractors are doing in the name of national security, but that's the free market.

So, if I remember correctly, didn't something happen in Germany in the 1930s that caused its brightest physiscists to flee? And didn't the same imperial hubris that caused Germany to persecute the people who might have made it an economic power after WWI really cause it to enter- and lose- WWII?

Just askin'. I just wondered what the Party line was these days.

http://spacetimecurves.blogspot.com/2008/04/pearl-clutching-by-master-race.html [blogspot.com]

Re:

[MrNaz (730548)]

I find it amusing that these articles portray the US as some kind of noble victim in online warfare, as though a) the US is not the most aggressive player in international geopolitics and b) the US has no cyber warfare program of its own.

Is there anyone dumb enough to still believe the romantic portrayal of the young valiant American heros defending liberty and freedom from the vicious hordes that everyone else refers to as "the rest of the world" ?

Re:You PWN3D my Empire!

[Jeremiah Cornelius (137)]

"Is there anyone dumb enough to still believe the romantic portrayal of the young valiant American heros defending liberty and freedom"

Yes. Products of the American "education" system.

Re:

[by Anonymous Coward]

these articles portray the US as some kind of noble victim in online warfare

[citation needed]

I read the article quickly, and I did see that it describes attempts to penetrate US systems, from a US point of view. But I didn't happen to notice any editorializing about US nobility, or any suggestion of a lack of a US cyber warfare program.

Sure it wasn't in your head? Go ahead and criticize US policy. Criticize the article too, if you think it's poorly written. But you're criticizing the article based

Re:

[Jeremiah Cornelius (137)]

"Probably. Hang around a US military recruiting station, and I bet you can meet a few people who have that vision."

The FoxNews demographic. Earnest, well-intentioned, poorly-informed, misguided and wrong.

Re:You PWN3D my Empire!

[Oligonicella (659917)]

The fact that you can even post this without boots at your door shows that those young heroes are indeed defending your liberty and freedom. "The rest of the world" is not one entity, but myriads. Many of those would gladly take you out and put a bullet in your head for your beliefs and speech.

Re:

[Torvaun (1040898)]

Is there anyone dumb enough to still believe the romantic portrayal of the young valiant American heros defending liberty and freedom from the vicious hordes that everyone else refers to as "the rest of the world" ?

My grandfather, and probably anyone else who was around when it was still true.

Re:

[MrNaz (730548)]

Billions in aid? Perhaps you need to have a good, hard look at just how USAID operates, and the role the IMF plays in global development with it's so called "development loans".

Oh, and the tone of your message is basically "Sure we killed millions of innocents and plundered natural wealth to which we had no legal or moral claim. But hey, at least our heart was in the right place!".

Re:

[phantomfive (622387)]

Billions of dollars to buy their feudal allegiance - with goodwill as the PR story to sell Empire back home.

Um.....I think you are a bit confused about how feudalism works. You see the idea is the underling gives money and tribute to his feudal Lord. You don't buy feudal allegiance with money, you get it by promising not to destroy the country.

Maybe this is not what you meant. Maybe you picked the wrong words; but you will get a lot farther using words that represent what you actually mean rather than picking words that sound sensationalistic and are clearly an exaggeration.

America isn't perfect by any s

Re:

[janrinok (846318)]

Yeah the USA doesn't do cyber warfare because we see it as unethical and illegal and immoral

http://www.afcyber.af.mil/

You were being sarcastic, right?

For every defense...

[bluemetal (1269852)]

For every defense there is an attack, and every attack a defense. These military types should know this better than anybody else. It's a battle they should be prepared to fight as it was only a matter of time before it happened. And of course, it will cost yet more resources to mount this defense (or as the case may be, an attack against the attackers) and somebody is going to have to pay for it. As always, technology is a double-edged sword.

For every threat there is funding

[EmbeddedJanitor (597831)]

Of course the military and others want to make Joe Sixpack scared. A scared citizen readily hands over funding, privacy etc.

The end of the Cold War was a huge threat to careers and funding in the CIA, military and govt contractors. Need those Iraq wars, terrorists and hackers to keep the whole war machine going.

The military industry is not the only one that works this way. The medical industry is catching on too (bird flu) and now the whole greenwashing industry (global warming etc).

Spy vs. Spy

[mfh (56)]

Spies use any means available to find information. If the Internet helps, they'll use it. That does not change their ornithological classification, or make them more specialized in one key area.

Also, spies would rather have infrastructure INTACT, so they can exploit it easily. They are lazy humans, like you.

Re:Spy vs. Spy

[virtual_mps (62997)]

Spies use any means available to find information. If the Internet helps, they'll use it. That does not change their ornithological classification

I'm missing what is doubtless a deep and subtle point about spies and birds.

Re:Spy vs. Spy

[EdIII (1114411)]

He may have meant "ontological" but goofed it up instead with a scientific reference to the study of birds :)

I could see him thinking about spies, and birds being like spies, and then screwing it up. What I find funnier is how many people will skim over that sentence really quickly and find it smart and intelligent sounding, while never really understanding what ornithology or ontology really is.

Re:Spy vs. Spy

[PopeRatzo (965947)]

Spies use any means available to find information. If the Internet helps, they'll use it. That does not change their ornithological classification, or make them more specialized in one key area.

Great point.

And just because we're worried about "internet spies" let's not forget that there are plenty of the old-fashioned variety out there, too.

For example, how many of us know that 15 Bush Administration officials, including Sec'y of State Condi Rice, have just been subpoenaed in the oft-delayed Franklin/AIPAC/Israel Lobby spy case. Even though it's common enough to come up in Google search auto-complete, it hasn't been mentioned on any US media.

The difference is now the people that are spying on us are employed by the ones that are supposed to be working to protect us.

And even if we caught every single spy, who among us feels we could trust our Department of Justice to prosecute them with any integrity? Hell, if there were any justice, the top law enforcement appointees (John Yoo, Alberto Gonzalez, Michael Mukasey, etc) not to mention their bosses, would be the ones facing trial.

Re:

[GoodNicksAreTaken (1140859)]

I'd like to know what they are counting in those numbers. We probably have that many attacks per year on our dozen or so systems with all of the script kiddies running their dictionary attacks against the FTP server we use for getting business cards and flyers to the print shop. I can pull a large number out of my backside and claim the sky is falling as well as the next guy.

Not much of a secret anymore now is it?

[Gat0r30y (957941)]

And if these spys are doing a good job, it'd be awfully hard to catch em. Of course if this is any indication [slashdot.org] it couldn't be terribly difficult to gain access to sensitive information.

You shouldn't have military plans on the Net

[WillAffleckUW (858324)]

When I worked at Boeing (and before that the Army) - if you had secret plans, you didn't keep them on a box that was open to the Net.

The problem is that they're not even following their own rules - Win boxen have never been approved for holding Net-connected data - only in a stand-alone environment are they even considered, and even then in a secure room with full security protocols enforced.

We used to lock down our drives too. In locked cabinets. When we went home.

Re:You shouldn't have military plans on the Net

[zappepcs (820751)]

Not sure about all that, but when I had my TSEC it would not have been allowed to open secured data traffic to the Internet in any way shape or form. ELINT (USAF electronics spy types) would have laughed at such, then eyed you suspiciously for suggesting it. The military, my friends, is securely running on a darknet which requires more than will power and a h4x0rz kit to get into. This is all about scaring up some more money and a few more personal freedoms in the name of security from the evil terrorists, only this time it's a run up to take away some of your online rights and privacy. Don't even be fooled by the bullshit.

If the military was as susceptible as they might lead you to believe, they'd still be trying to stop spam emails from pouring out of the RNC servers. Holy shit man, if they were hackable someone on the NYT would already be posting the 'lost RNC emails' if you know what I mean... geez

So feed them some bum plans.

[jhantin (252660)]

Back in Reagan's day, our intel folks [cia.gov] managed to slip the Soviets a surprise that would have made Jokey Smurf proud [msn.com] with their bundle of purloined technology.

Connection to other malware.

[Ungrounded Lightning (62228)]

Some of this is no doubt spear-phishing. (Deploying newly-retuned spyware selectively against a target rather than globally, so it slips past signature-based malware detectors.) But I'd bet that most of this stuff is based on the malware developed for botnet-spamming and DDOSing, regular Phishing, etc.

We have a multibillion-dollar industry based on corrupting computers and stealing selected information from them, which the governments have virtually ignored while its techniques were honed. Now their own military secrets are the target of a similar attack. Any bets on whether it is built on the same code base.

Too late now, guys. The enemies' cyber-warfare departments now have the technology.

But I bet that, if you start finding and closing the barn doors even after most of the horses are gone, you'll find enough fingerprints and tire-tracks to trace down who did it. Hunt them down and take them out, and you'll eliminate a bunch of the talent that would otherwise be developing the technology further.

Color me underwhelmed.

[ColdWetDog (752185)]

The e-mail message addressed to a Booz Allen Hamilton executive was mundane--a shopping list sent over by the Pentagon of weaponry India wanted to buy. But the missive turned out to be a brilliant fake. Lurking beneath the description of aircraft, engines, and radar equipment was an insidious piece of computer code known as "Poison Ivy" designed to suck sensitive data out of the $4 billion consulting firm's computer network.

OK, so a contractor gets a random email asking for *something*. The email has a keylogger as an attachment. The executive doesn't activate the keylogger.

Western civilization was saved from the abyss.

Who doesn't think these things happen all of the time. I would be upset (in a general way) if our enemies didn't try that sort of stuff. And sneaking in via the side door. And the hot secretary. And countless other bits of espionage craft. Keep up the firewalls men! Loose lips sink ships. Watch them commies, you never know what to expect. Let's have another iPhone article, shall we. It's been maybe 24 hours since the last one. I'm getting bored.

Can anyone explain...

[zonky (1153039)]

Why these Defense contractors are using unencrypted email, and Access to "to manage big batches of data.?"

Logistics is key, even in the cyber age

[by Anonymous Coward]

Timely and new sensitive data, and various top secret technology always seem cool enough to make the front pages of such espionage stuff. But I'm suprised they aren't speaking of some more mundane channels of attack.

Wasn't "The military marches on its stomach." some historical quote that was attributed to Napolean? Anyhow, where I'd keep an eye out for cyber vulnerabilities is in the logisitics chain. All it'd take is someone to get into the requisitions, inventory, and procurement channels and they could make all hell break loose. Frozen fish in the place of ammo, livestock sent to some other place, 100 screwdrivers and bomb fuses to an office that only does paperwork, etc. Not only can such things waste resources or man hours to correct, but it can cause negative economic consequences for contract vendors. Stupid shit like that could get old really fast.

Hopefully the military brass has enough sense to ensure strong verification when dealing with civilian contractors in the supply chain (and via internal supply channels). Also there should be some means to ensure the trustworthiness of supply contractors, as some purchase orders might have the possibility of indicating potential for action, etc.

On the other hand, this would potentially be a great way for the U.S. to attack any adversaries too. The more bureaucratic, thick, and mundane an organization is - the more opportunities for logistics data mayhem. False requests will tend to look more "reasonable" under such systems.