U.S. Military's Hackers

definate writes "Wired is running a story on the Joint Functional Component Command for Network Warfare, or JFCCNW. A multimillion dollar military task force used to attack the electronic infrastructure of their opponents."

SAMs?

[lachlan76]

He said they may also be able to set loose a worm to take down command-and-control systems so the enemy is unable to communicate and direct ground forces, or fire surface-to-air missiles, for example.

These things are connected to the internet?

We gotta protect you from IDEAS!

[disposable60]

From TFA: Rita Katz, an expert on Islamic terror sites and director of the Washington, D.C.-based Search for International Terrorist Entities [siteinstitute.org], believes a website that posts an execution should be taken out immediately. No matter what the implications are for free speech or other nation's laws, she said. (emphasis mine)

Coming soon - non-Evangelical-Republican == Terrorist.

National insecurity & militarization of the ne

[G4from128k]

This looks like a scary, but inevitable, development. The internet is becoming too important to this country's economy. Perhaps the private sector can keep the Internet safe, but they need more vigilance and more tools to handle fast-evolving threats. The minute the government feels that the net has become a national security vulnerability, they will take steps to become the defender of that infrastructure.

Perhaps the day will come when the government deploys .mil computers to DDoS offending servers of phisher, spammers, etc.

Re:Revealing (and scary) line from TFA

[LnxAddct]

Well considering the levels of encryption that al-Qaeda and North Korea use and the number of laptops that are found in many terrorist hiding areas or even in the place where the terrorists responsible for 9/11 resided, I wouldn't scoff at the value of having access to their networks. It is a known fact that terrorists use PGP encryption and it's creator has written a few times about his feelings on this and distributing it for free. In the end he has always, thankfully, decided that freedom for our privacy outweighs any evil intentions that others may have. (That is an extremely rough paraphrase)
Regards,
Steve

This group uses PowerBooks

[riversky]

A US military directive recently recomended all computer based intelligence personel run UNIX via the MAC OS for security reasons. I have a friend who is a low level Army guy and they all use Apple Mac PowerBooks in the tanks.

Top Secret?

[UnknowingFool]

There was a hint of this group's existence during the first Gulf war. One of the reasons behind the Iraq's army total defeat was that the US crippled the communication network between Baghdad and the frontline. The story was that after the embargo was established, the US let a printer be smuggled into Iraq. Unfortunately for Iraq HQ, the printer was designated for Iraq Command and had been modified to contain and transmit a virus. The virus spread quietly throughout the network but lay undetected and dormant until the land war began. Then it started to take down the networks.

Re:The Hardest Part

[Mz6]

You hit the nail right on the head.

As a contractor living and working at Offutt AFB in Nebraska, this is by far the hardest part. If you can obtain a security clearance for some of the top level accesses, you are almost guaranteed a job especially for things such as this. Defense companies will pay top dollar for those people that have/can obtain clearances and will pay huge referral bonuses if you can refer friends to jump on board as well (up to $10,000 depending on that person's clearance).

I was lucky enough that I was able to intern with a Defense contractor in Nebraska who paid for all my clearances, my schooling and once I graduated I was offered and accepted a full time position.

The only downside is that your work is based on contracts. Many Defense contractor companies have high turnovers rates because their employees will jump on with the company that is either prime or a sub-contractor on a specific contract.

Re:Script Kiddies in Uniform

[Chi Hsuan Men]

According to TFA, the main task of JFCCNW is to bring down websites that don't portray America in good light.

Actually, that's your paranoid, Orwellian interpretation of the article. Here is some actual text from TFA:

(Regarding the public execution of Nick Berg)

"The debate focused on whether the United States should shut down a website as soon as it posts such brutality.

"There are some tremendous questions being raised about this," said Dietz. "On whether they (JFCCNW) have the legal mandate or the authority to shut these sites down with a defacement or a denial-of-service attack."

So, it sounds like this is an issue that is being treated with some sensitivity; however, you would rather portray the group as a censorship brute squad.

Culture clash?

[identity0]

What I've seen of hackers (both white and black hat) doesn't lead me to think they would do well in a military envornment. Does anyone know if there has been much problems with keeping the unit discipline?

I'm not just talking about the physical fitness stuff, I mean that most hackers seem to want to "screw with the system" a little. Maybe it comes from the same urge to reverse-engineer stuff, but the hackers I've seen tend to dislike bueracracy and "keeping your head down" to not stick out, which are things the military seems to have a lot of.

There are a couple of ex-mil. guys in my LUG, but they're the 'resposible sysadmin/programmer', with maybe a touch of BOFH syndrome.

I wonder if the military is recruiting hackers directly, or training their own people to be hackers?

Re:Revealing (and scary) line from TFA

[mestreBimba]

No these network do have access from the internet... you just have to go through a couple of layers to get to them.

You have to bounce from outside a corporate LAN to into the corporate LAN and from there onto the SCADA LAN.

It is possible........ I speak from personal experience.

Re:Top Secret?

[Iphtashu Fitz]

Call me a skeptic but that sounds a little far-fetched. Figuring out exactly where a printer was going to be sent within the Iraqi government would be very difficut. Making sure that the printer got plugged into a system that also had access to the military command & control systems would also be a stretch. Then there's also timing - you wouldn't want the virus/worm/trojan to trigger too early or it could be detected & removed. But it would also need enough time to do its job effectively, which would be very difficult to calculate ahead of time unless you knew EXACTLY what systems to target, how to get into them, etc. Either you would have to determine the date/time to start the war far enough ahead of time to put together the bogus printer, ship it to Iraq, and let them install it, or the printer would have to be regularly checking with the outside world for a message to trigger the payload. The first approach would again be unreasonable. The second would depend on this system having access to the outside world and this behavior could be detected. Besides, what happens if the printer or the computer it's connected to happened to be powered off at the appropriate time?

Personally I'm more inclined ot believe the story told by a former member of the British SAS in the book Bravo Two Zero [amazon.com]. It describes how SAS teams were sent into Iraq in the days before the war started. Their mission was to identify and destroy communications lines. The Iraqi's realized that radio could be intercepted so they relied on land-lines quite a bit. So destroy the land-lines and your command & control infrastructure is screwed.

Re:Revealing (and scary) line from TFA

[Sheepdot]

al-Qaeda, and I'll explain why in two parts below:

The entirety of Terrorist networks is based on communication. They HAVE no structure otherwise. If you take away their ability to communicate, they lose the entire system in one fell swoop.

So, if you hack the system that stores the GPS coordinates and communication methods for contacting the Osama bin Laden's of the group, you destroy the entire organization. If you're measuring "most to lose" by which group is entirely routed out, the answer is always going to be al-Qaeda.

The second part of the equation is the actual impact a hacker can have on the US, China, etc. Hackers have already compromised US computers. The stories show up in the press and then they die just as fast. Or the military keeps quiet about them.

I probe for fun, testing web application security and trying to compromise my own PHP coded apps from time to time. One individual, like myself, is never going to be able to do anything more than perhaps compromise a few .mil domains and take a network out for a day. Perhaps I can get a PGP (used as comparison) private key or two. The US military is NOT going to go down over something as insignificant as that.

However, suppose I compromise two private keys for al-Queda staff? And I fake reports/messages? Or suppose I introduce new recruits into the organization? There's a great deal of trust in a very small group, it may not take more than a week for me (one person using the private key of someone else) to find the Osama bin Laden's of the world.

Keep in mind that these terrorist organizations don't have the luxury of a "recruit.com" and "securenetwork.mil". Instead, they have a lot of their "join us" propaganda run by individuals that are maybe once removed from the guys calling the shots.

This should have been obvious

[TiggertheMad]

I have been saying since the early nineties that there is some sort of black-ops hacker team that the government funds. I would be seriously upset if my tax dollars wern't being spent on making sure that we had this sort of capability.

I'm guessing that they are mostly civilians working for the NSA and CIA with close ties to the military. I'm saying mostly civilian, as the military doesn't usually attract people with multiple degrees in advanced technical subjects. They will work closely with the teams, though, providing military intilligence to augment what the civilian agencies provide. They will be set up in small 'fire teams', so when they need to go to work, they can be assigned to seperate specific targets. During peacetime they will be constantly practicing intrusion techniques on each other, wargamming various scenarios. I'd say that they won't be ex-blackhats, as they aren't very reliable. Probably young-ish college graduates with masters degrees that are very dedicated and focused individuals. (Think FBI or CIA agent in mentality: highly reliable team players, not hot shot hackers.)

I think it sounds like very interesting work. If any of them read this posting, contact me. I don't need to tell you how, because I'm sure you can find me... ;-)

Re:Revealing (and scary) line from TFA

[bogado]

The US is not about to enter no lasting war, in fact it avoids this with all it's powers. To my understanding a "clean" war now and then is very helpful to pump the popularity of the current US president (be it Bush, Clinton or any other I can remember). A long standing war is a burden, since this would imply in too many american casualities, so the popular opinion starts to change.

I'm not sure how able this special unity will be at disabling the said infrastructures, but assuming that it could I can surely seen CNN advertising that this is a humanitarian way to solve the problem, while in my opinion is just the inverse. It will first affect all the civilians to then start affecting the military.

Not neccessarily THROUGH the Internet

[DesScorp]

There are other ways to conduct "information warfare" against the enemy, as we have probably done before. From the article:

One story widely reported, but never confirmed, described how a team of military ops was dropped into Serbia, and after cutting a wire leading to a major radar hub, planted a device that emitted phantom targets on Serb radar.

So it's a good bet these guys aren't just sitting at a desk playing nethack. Some of them are probably special-ops types with additional computer training. I can easily see operations where we'd drop in sabotage units via aircraft or submarines, and hose entire infrastructures by accessing them locally, just like the Serbian incident. Keep in mind that in modern air defense systems, often multiple units are connected in clusters, sometimes relying on just one radar dish per 3-5 missle units, all connected electronically. Hose the radar, and you've fucked the entire cluster. And while military communications networks usually aren't connected to the Internet on the battlefield, they ARE becoming more and more computer dependant. So it wouldn't be improbable to imagine some of these guys tracking down the right coax cables connected underground to a command and control bunker somewhere, then attaching a vampire tap to access the network.

Re:The best defense

[TheWizardOfCheese]

"The best defense is a good offense" is just a trite saying - it's not handed down from God or anything, you know. Of course there are many cases where aggression is the winning policy, but history also contains many contrary examples. Defense can be the best offense at the tactical, operational, or strategic level - wars have been won without winning a single battle.

On the other hand, professional military people are inherently biased toward offense, not merely because of their training, but because they tend to be aggressive people by nature (self-selection.) Sometimes this has caused them to serve there countries poorly. Two examples will suffice:

1) Convoy
Britain learned by bitter experience during the 16th through 18th centuries that the surest way to reduce shipping loses due to enemy action was convoy. Convoy was effective even when there were no escorts! Yet by the advent of the first world war, this knowledge was somehow forgotten or neglected. Individual captains with fast ships did not want to participate in slow convoys which they believed would make them more vulnerable. The navy approved of this view because they preferred to spend their resources actively, in a futile scouring of the endless seas, rather than passively, in protecting what was really important. Merchantmen were allowed their freedom, and the result was nearly disasterous: the U-boat campaign of the first world war came much closer to starving Britain than did that of the second. The situation was only retrieved by implementing convoy.

2) Battlecruisers
A famous example of "offense is the best defense" gone wrong. The idea of a battlecruiser was a ship with the armament of a battleship but the speed of a cruiser, maximizing the tactical qualities of movement and firepower. As this was achieved by reducing armour, the resulting ship was cheaper as well! It was a very popular idea with the naval theorists. But the battleship was a system, in which guns and armour functioned together. As Jutland demonstrated incontrovertibly, a battlecruiser could not survive in an environment with battleships, but it was not as useful for screening fleets as the several smaller cruisers it replaced.