
Hackers Breached US Army Servers

An anonymous reader writes "A Turkish hacking ring has broken into 2 sensitive US Army servers, according to a new investigation uncovered by InformationWeek. The hackers, who go by the name 'm0sted' and are based in Turkey, penetrated servers at the Army's McAlester Ammunition Plant in Oklahoma in January. Users attempting to access the site were redirected to a page featuring a climate-change protest. In Sept, 2007, the hackers breached Army Corps of Engineers servers. That hack sent users to a page containing anti-American and anti-Israeli rhetoric. The hackers used simple SQL Server injection techniques to gain access. That's troubling because it shows a major Army security lapse, and also the ability to bypass supposedly sophisticated Defense Department tools and procedures designed to prevent such breaches."

  • Re:Amazing. (Score:2, Informative)

    by Anonymous Coward on Thursday May 28, 2009 @04:29PM (#28129657)

    Yes and No. If I want to have a program that I pass SQL queries to and it returns either safe or unsafe that is not a computable problem. There is no way to tell if a query is good or bad without context. That being said there are things like prepared statements that give the statements context, that is explicitly stating which parts of the query are control statements and which are data.

    In a simple system you are correct but in a system of even moderate complexity telling if code is vulnerable to SQL injection becomes non-trivial. When you have to dig through 5 levels of inheritance several times to hunt down all the places where the query is actually formed it's not all that simple.

  • by HaZardman27 ( 1521119 ) on Thursday May 28, 2009 @04:36PM (#28129747)
    Sensitive does not mean classified. Sensitive could be as simple as a change in the dinner menu at the chow hall, which could suggest the arrival of important personnel. Classified information would not even exist on networks accessible via the internet.
  • by AtomicDevice ( 926814 ) on Thursday May 28, 2009 @04:41PM (#28129823)
    Yeah, I used to work at a defense contractor and classified systems are on separate networks, and to my knowledge are universally separate from anything connected to the internet. Sensitive is the lowest (or maybe second lowest?) classification, so breaking into "sensitive" servers isn't a particularly big deal, although I guess they might eke something useful out of it. Is our biggest fear that attackers might learn the inner secrets of publicly available government websites? Basically anything that they don't explicitly publish falls into this category as far as I can tell.
  • Re:Amateurs (Score:4, Informative)

    by mlts ( 1038732 ) * on Thursday May 28, 2009 @05:29PM (#28130549)

    Actually, if someone did a show-stopper like that it would be a bad thing for everyone. It would provide the impetus for the Internet to be split up into separate non-connected networks and walled gardens. These wouldn't be "mere" firewalls, these would be networks that would be either running a new (or old) network protocol (IPX is an example) or a non-routable protocol such as NetBEUI (Don't confuse NetBEUI with NetBIOS... NetBEUI is the transportation and is obsolete, as TCP/IP has completely taken over that communication layer function) or AppleTalk.

    Right now, a black hat can sit at his/her computer, and connect on the same network to virtually anything. Should people get too upset and knee-jerkish about a War Games scenario, he or she would have to spend a lot of time and effort trying to get gateways working to networks that have completely different protocols (IPX, VINES) in the effort to try to attack machines.

    Compared to the past, a dedicated cracker just needs to focus on a relatively small part of an OS or a service like Apache, IIS, or SQL Server for great gains. In the past, one had to jump from DECNet to BITNET to NSFNet, perhaps going through multiple UUCP hops if the boxes were moving mail via store and forward and modems. Almost no host or network was the same as another, so a generic "script kiddy" who could run a prepackaged toolkit against a random company didn't exist back then.

  • by TinBromide ( 921574 ) on Thursday May 28, 2009 @05:32PM (#28130605)
    The US military has a (well, many) classified network and an unclassified network. All computing equipment has a little sticker on it that says that equipment is used for which (classified or unclassified) purpose. I'm sure that the hacked web servers all have a little blue sticker with white text that says that the server is to only work with unclassified info (websites, most likely). I wouldn't really call this a security breach any more than I'd call shoplifting a robbery. While yes, the web servers were indeed "hacked", it's not like that webserver was hosting top secret plans in PDF form for distribution purposes.
  • by dwillden ( 521345 ) on Thursday May 28, 2009 @06:32PM (#28131335) Homepage
    Correct, Sensitive is specifically interpreted to mean non-classified information that is exempt from FOIA release, data such as SSNs and unit rosters and the like.
