U.S. Military's Hackers 419
definate writes "Wired is running a story on the Joint Functional Component Command for Network Warfare, or JFCCNW. A multimillion dollar military task force used to attack the electronic infrastructure of their opponents."
SAMs? (Score:5, Interesting)
These things are connected to the internet?
We gotta protect you from IDEAS! (Score:5, Interesting)
Coming soon - non-Evangelical-Republican == Terrorist.
National insecurity & militarization of the ne (Score:4, Interesting)
Perhaps the day will come when the government deploys
Re:Revealing (and scary) line from TFA (Score:5, Interesting)
Regards,
Steve
This group uses PowerBooks (Score:4, Interesting)
Top Secret? (Score:3, Interesting)
Re:The Hardest Part (Score:4, Interesting)
As a contractor living and working at Offutt AFB in Nebraska, this is by far the hardest part. If you can obtain a security clearance for some of the top level accesses, you are almost guaranteed a job especially for things such as this. Defense companies will pay top dollar for those people that have/can obtain clearances and will pay huge referral bonuses if you can refer friends to jump on board as well (up to $10,000 depending on that person's clearance).
I was lucky enough that I was able to intern with a Defense contractor in Nebraska who paid for all my clearances, my schooling and once I graduated I was offered and accepted a full time position.
The only downside is that your work is based on contracts. Many Defense contractor companies have high turnovers rates because their employees will jump on with the company that is either prime or a sub-contractor on a specific contract.
Re:Script Kiddies in Uniform (Score:2, Interesting)
Actually, that's your paranoid, Orwellian interpretation of the article. Here is some actual text from TFA:
(Regarding the public execution of Nick Berg)
"The debate focused on whether the United States should shut down a website as soon as it posts such brutality.
"There are some tremendous questions being raised about this," said Dietz. "On whether they (JFCCNW) have the legal mandate or the authority to shut these sites down with a defacement or a denial-of-service attack."
So, it sounds like this is an issue that is being treated with some sensitivity; however, you would rather portray the group as a censorship brute squad.
Culture clash? (Score:5, Interesting)
I'm not just talking about the physical fitness stuff, I mean that most hackers seem to want to "screw with the system" a little. Maybe it comes from the same urge to reverse-engineer stuff, but the hackers I've seen tend to dislike bueracracy and "keeping your head down" to not stick out, which are things the military seems to have a lot of.
There are a couple of ex-mil. guys in my LUG, but they're the 'resposible sysadmin/programmer', with maybe a touch of BOFH syndrome.
I wonder if the military is recruiting hackers directly, or training their own people to be hackers?
Re:Revealing (and scary) line from TFA (Score:3, Interesting)
You have to bounce from outside a corporate LAN to into the corporate LAN and from there onto the SCADA LAN.
It is possible........ I speak from personal experience.
Re:Top Secret? (Score:4, Interesting)
Personally I'm more inclined ot believe the story told by a former member of the British SAS in the book Bravo Two Zero [amazon.com]. It describes how SAS teams were sent into Iraq in the days before the war started. Their mission was to identify and destroy communications lines. The Iraqi's realized that radio could be intercepted so they relied on land-lines quite a bit. So destroy the land-lines and your command & control infrastructure is screwed.
Re:Revealing (and scary) line from TFA (Score:3, Interesting)
The entirety of Terrorist networks is based on communication. They HAVE no structure otherwise. If you take away their ability to communicate, they lose the entire system in one fell swoop.
So, if you hack the system that stores the GPS coordinates and communication methods for contacting the Osama bin Laden's of the group, you destroy the entire organization. If you're measuring "most to lose" by which group is entirely routed out, the answer is always going to be al-Qaeda.
The second part of the equation is the actual impact a hacker can have on the US, China, etc. Hackers have already compromised US computers. The stories show up in the press and then they die just as fast. Or the military keeps quiet about them.
I probe for fun, testing web application security and trying to compromise my own PHP coded apps from time to time. One individual, like myself, is never going to be able to do anything more than perhaps compromise a few
However, suppose I compromise two private keys for al-Queda staff? And I fake reports/messages? Or suppose I introduce new recruits into the organization? There's a great deal of trust in a very small group, it may not take more than a week for me (one person using the private key of someone else) to find the Osama bin Laden's of the world.
Keep in mind that these terrorist organizations don't have the luxury of a "recruit.com" and "securenetwork.mil". Instead, they have a lot of their "join us" propaganda run by individuals that are maybe once removed from the guys calling the shots.
This should have been obvious (Score:3, Interesting)
I'm guessing that they are mostly civilians working for the NSA and CIA with close ties to the military. I'm saying mostly civilian, as the military doesn't usually attract people with multiple degrees in advanced technical subjects. They will work closely with the teams, though, providing military intilligence to augment what the civilian agencies provide. They will be set up in small 'fire teams', so when they need to go to work, they can be assigned to seperate specific targets. During peacetime they will be constantly practicing intrusion techniques on each other, wargamming various scenarios. I'd say that they won't be ex-blackhats, as they aren't very reliable. Probably young-ish college graduates with masters degrees that are very dedicated and focused individuals. (Think FBI or CIA agent in mentality: highly reliable team players, not hot shot hackers.)
I think it sounds like very interesting work. If any of them read this posting, contact me. I don't need to tell you how, because I'm sure you can find me...
Re:Revealing (and scary) line from TFA (Score:3, Interesting)
I'm not sure how able this special unity will be at disabling the said infrastructures, but assuming that it could I can surely seen CNN advertising that this is a humanitarian way to solve the problem, while in my opinion is just the inverse. It will first affect all the civilians to then start affecting the military.
Not neccessarily THROUGH the Internet (Score:3, Interesting)
So it's a good bet these guys aren't just sitting at a desk playing nethack. Some of them are probably special-ops types with additional computer training. I can easily see operations where we'd drop in sabotage units via aircraft or submarines, and hose entire infrastructures by accessing them locally, just like the Serbian incident. Keep in mind that in modern air defense systems, often multiple units are connected in clusters, sometimes relying on just one radar dish per 3-5 missle units, all connected electronically. Hose the radar, and you've fucked the entire cluster. And while military communications networks usually aren't connected to the Internet on the battlefield, they ARE becoming more and more computer dependant. So it wouldn't be improbable to imagine some of these guys tracking down the right coax cables connected underground to a command and control bunker somewhere, then attaching a vampire tap to access the network.
Re:The best defense (Score:5, Interesting)
On the other hand, professional military people are inherently biased toward offense, not merely because of their training, but because they tend to be aggressive people by nature (self-selection.) Sometimes this has caused them to serve there countries poorly. Two examples will suffice:
1) Convoy
Britain learned by bitter experience during the 16th through 18th centuries that the surest way to reduce shipping loses due to enemy action was convoy. Convoy was effective even when there were no escorts! Yet by the advent of the first world war, this knowledge was somehow forgotten or neglected. Individual captains with fast ships did not want to participate in slow convoys which they believed would make them more vulnerable. The navy approved of this view because they preferred to spend their resources actively, in a futile scouring of the endless seas, rather than passively, in protecting what was really important. Merchantmen were allowed their freedom, and the result was nearly disasterous: the U-boat campaign of the first world war came much closer to starving Britain than did that of the second. The situation was only retrieved by implementing convoy.
2) Battlecruisers
A famous example of "offense is the best defense" gone wrong. The idea of a battlecruiser was a ship with the armament of a battleship but the speed of a cruiser, maximizing the tactical qualities of movement and firepower. As this was achieved by reducing armour, the resulting ship was cheaper as well! It was a very popular idea with the naval theorists. But the battleship was a system, in which guns and armour functioned together. As Jutland demonstrated incontrovertibly, a battlecruiser could not survive in an environment with battleships, but it was not as useful for screening fleets as the several smaller cruisers it replaced.