Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security The Military Technology

Anonymous Hack One Gigabyte of Data From NATO 304

GeekTech.in writes "The AnonymousIRC hacking organization have claimed this afternoon that they have hacked into NATO servers. As one of their tweets says: ' Yes, #NATO was breached. And we have lots of restricted material. With some simple injection. In the next days, wait for interesting data :) '"
This discussion has been archived. No new comments can be posted.

Anonymous Hack One Gigabyte of Data From NATO

Comments Filter:
  • Again ? (Score:4, Funny)

    by Chuby007 ( 1961870 ) on Thursday July 21, 2011 @08:26AM (#36833782)
    This is happening so often that better make a hack.slashdot.org and just add the site that was hacked and when... this is getting old...
    • Re:Again ? (Score:4, Insightful)

      by Shrike82 ( 1471633 ) on Thursday July 21, 2011 @08:37AM (#36833910)

      This is happening so often that better make a hack.slashdot.org and just add the site that was hacked and when... this is getting old...

      Agreed, but what I haven't seen is follow up stories about these breaches. I though Anonymous or LulzSec were due to release loads of News of the World/News International e-mails they'd obtained? Did I miss a story or are they still holding onto it?

    • Re:Again ? (Score:5, Informative)

      by bberens ( 965711 ) on Thursday July 21, 2011 @08:48AM (#36834048)
      Say what you want about wikileaks but they understood media/marketing. Releasing so much stuff so frequently makes it difficult for the media to absorb and create a media frenzy, which is the only way the plebes ever even hear about stuff like this.
      • Re:Again ? (Score:5, Interesting)

        by GooberToo ( 74388 ) on Thursday July 21, 2011 @09:27AM (#36834460)

        Say what you want about wikileaks but they understood media/marketing. Releasing so much stuff so frequently makes it difficult for the media to absorb and create a media frenzy, which is the only way the plebes ever even hear about stuff like this.

        That used to be true. Its not longer true. The largest media outlets created data warehousing applications which allow them to not only comb through these large data releases, but allows them to locate and follow trails of subject matter in which they are interested. It even allows them to discover sub topics, and so on.

        Literally, if these groups claim they are not releasing all of their information because media can't digest it, its a lie and is only self serving.

        Anyone else notice a lot of shit which Wikileaks was suppose to release was never released in spite of the fact people are still manning the shop? Wikileaks existed solely to benefit, blackmail, extort, and steal information. The fact the information was never released seems to hint it was sold to the highest bidder. Otherwise, according to their claims, a lot of CEOs should be jail by now.

  • by i kan reed ( 749298 ) on Thursday July 21, 2011 @08:28AM (#36833808) Homepage Journal

    Like all of them, ever. Not posting as AC because I'm not currently in jail.

  • Didn't sites that keep track of this retarded hacking shit disappear with the 90s?
  • by Gr33nJ3ll0 ( 1367543 ) on Thursday July 21, 2011 @08:29AM (#36833822)
    Really if a bunch of vigilantes can do it, imagine what the gov't sponsored Chinese hackers can do!
    • by RazorSharp ( 1418697 ) on Thursday July 21, 2011 @08:34AM (#36833874)

      Really if a bunch of vigilantes can do it, imagine what the gov't sponsored Chinese hackers can do!

      More like, if a bunch of vigilantes can do it, imagine what the gov't sponsored Chinese hackers do!

      • by Xest ( 935314 ) on Thursday July 21, 2011 @09:26AM (#36834452)

        I hear this sentiment a lot, but it would imply that the Chinese government is more competent than Western governments who allow for this type of fuck up in the first place.

        Is there any evidence that Chinese public sector is somehow more competent than that in the West?

        It's quite possible that the opposite is true, that the Chinese are managing to acquire fuck all, and that Chinese government systems themselves are equally vulnerable.

        • The fact that their government is communist(funded by loads of capitalist cash) leads one to believe that their "command and control" in regard to cyber-espionage is probably very tight.
    • Re: (Score:2, Interesting)

      by Anonymous Coward

      A recent Chinese military airshow featured a brand new stealth fighter (flying prototype), with features and performance of amazing similarity to our US F-22 Raptor. Ooops.

      I think we've already seen what govt sponsored Chinese hackers can do!

  • They probably downloaded tons of non-ocrd scanned documents, stored as images

    "Yes sir, it's all in the computer!"

    Or maybe 100k of data has the most important info... they only have to find an EBCDIC decoder first

  • Cloud (Score:5, Insightful)

    by StripedCow ( 776465 ) on Thursday July 21, 2011 @08:32AM (#36833856)

    I certainly don't want to provoke anyone, but I wonder how long it will take until they hack gmail and other cloud-based services, and put all the data into the open?
    Thanks to these guys, I'm not so sure anymore whether I like this idea of the cloud.

    • Re:Cloud (Score:5, Insightful)

      by Aladrin ( 926209 ) on Thursday July 21, 2011 @08:38AM (#36833920)

      You do realize that the things these guys do aren't that spectacular, right? They're little better than script-kiddies.

      Real hackers are out there right now doing much, much more. And they aren't telling you about it.

      So what you are essentially saying is that you feel perfectly safe, no matter the real situation, unless someone starts describing reality to you.

      Anonymous/LulzSec has done a great job of showing people what the internet is really like. It's a very scary place.

      • Hackers target smb [wsj.com] references this exact issue - lulz/anon are harmless. Everyone sees the big headlines but its thousands of small businesses that are getting their data stolen every day and left with no ability to recover.

        Granted, you make your own mess when you hire the $20/hour web guy out of college who thinks that online transactions are safe because he used magento out of the box, but the real hacking is occuring daily and there's no way to stop it, or even properly monitor it. Even when these are
      • Re: (Score:3, Funny)

        by Anonymous Coward

        Real hackers are out there right now doing much, much more. And they aren't telling you about it.

        Wait, if no one knows what "real hackers" are doing then how do you know they are doing anything?

    • Re: (Score:3, Insightful)

      by Scott64 ( 1181495 )

      Your information is every bit as safe as it ever was. Which, as it turns out, might not be as safe as you thought it was.

      • Nor will it get any better.
      • This argument seems a lot like saying 'your house is just as flammable as it ever was', right after an arsonist torched the place. Ultimately everything has to be a trade off between usability and convenience, and security. Similarly with stuff like wikileaks, we expect that there should be mechanisms by which specific crimes might be exposed to the public over and beyond conventional security policy. But when these holes are publically exploited, then they have a number of spill-off effects.

        Firstly, for

    • They hack anything and everything, and essentially just demonstrate that poor security is everywhere. Whether that's what they want to prove or not, that's the point they end up making.

      Don't trust anyone with your data until they are proven secure, and then always wonder if they made an update that breaks their security.

      People trust the cloud, but don't think about what it actually means. Someone else has your data, and you trust them to keep it private, and not use or sell bits and pieces here and there

    • I think that's kinda their point.
      Security is easy, very easy. The fact that none of these huge companies or government agencies can do rudimentary things to secure their sites should scare you. Hackers should keep plucking away at them until they either secure their sites or take them down entirely. Hacking should be legal, it's the only thing that tells us if a site is secure from the real bad guys... the ones that don't publish their results.
    • by Thiez ( 1281866 )

      > I certainly don't want to provoke anyone, but I wonder how long it will take until they hack gmail and other cloud-based services, and put all the data into the open?

      Well, given the fact that gmail now allows over 7.5GB of storage per account, hackers stealing a single GB of data probably wouldn't affect that many users. Of course that doesn't make it right, but it does limit the damage somewhat.

    • Anonymous and LulzSec are really fronts for Mark Zuckerbergs push to demolish all anonymity.
    • Anonymous programmed one Gigabyte of data from NATO Huh...

      "The AnonymousIRC software development organization have claimed this afternoon that they have programmed into NATO servers" Programmed into?

      Hate to be a grammar Nazi but the message is a bit twisted. What did they do again?
    • In general at least groups like anon and luzlsec have been fairly weak attacks targeted at poorly secured pages with vulnerabilities that are years old. Mainly I think they are pointing out that the security of these places is pathetic, rather then nothing is secure. Google has an incredible track-record for deflecting large scale attacks. I'm not saying they are invincible, but they do actually seem to know what they are doing.
  • Everyone is hacking into government computers and learning the secrets of the government oh noes. I have government data on my computer maybe more than some of these hackers claim to have liberated here is the catch. Gov data is very boring. For example my latest gov communique was plans for a building with a rotten roof. Yes I have to look at it and bid on repairing.
    I think the government is running out of terrorist and need a new batch of international terrorists with computers. You are not safe they ca
    • Well, eventually the feds caught on. They noticed that adding "with computers" to whatever is being done changes everything. For reference, see laws.

    • by Anonymous Coward
      Average citizen: "It's just not normal to carry around a computer all the time! It makes me feel less secure." *proceeds to check i-phone*
  • NATO Hacking (Score:5, Interesting)

    by Anonymous Coward on Thursday July 21, 2011 @08:41AM (#36833962)

    I know, it's a stupid question but I have to ask it. Why are government and military servers and computers that store sensitive data connected to the internet at all. Shouldn't they be on isolated local networks only?

    • Re:NATO Hacking (Score:5, Insightful)

      by KarrdeSW ( 996917 ) on Thursday July 21, 2011 @09:02AM (#36834200)

      Can't reach TFA due to high traffic right now but from TFS it doesn't really say whether anything they stole was that expensive, just that there was "One Gigabyte" of it.

      It could just be cafeteria menus.

      It'll be a dark day when NATO's enemies hear about next Tuesday's Salisbury steak.

    • by Nidi62 ( 1525137 )

      I know, it's a stupid question but I have to ask it. Why are government and military servers and computers that store sensitive data connected to the internet at all. Shouldn't they be on isolated local networks only?

      Because government agencies cooperate and share information routinely over very large distances with their personnel in different states and with agencies of other states as well. NATO is a very large organization comprising of 28 states. This means the military and intelligence agencies of 28 states cooperate with at least a fair degree of regularity, often across the ocean. Each state more than likely has their own internal information and communication system, yes. But to get each member state to agr

    • by Andy Dodd ( 701 )

      It's either not that sensitive, or someone REALLY fucked up.

      Actual classified data is supposed to be airgapped, or protected by NSA Type I crypto. If these guys broke an approved Type I system, that would be some of the biggest news in crypto history.

      • by halivar ( 535827 )

        Yep. Remember that Wikileaks needed someone on the inside to get the information. I find it highly unlikely that Anonymous got any really important documents. Sure, maybe they were marked classified. That doesn't mean shit.

    • by the_raptor ( 652941 ) on Thursday July 21, 2011 @09:49AM (#36834778)

      "Restricted", "sensitive", and "secret" material is low level. That is the level of material that everyone in the military and government bureaucracy has access to. It is the sort of stuff that is either not very sensitive (ie enemy agents could figure it out easily just from observing a base or similar) or has only a small window in which it is useful (ie by the time the enemy could react it would be too late).

      These days with the adversarial government/media relationship tons of material is classified like this just to discourage the media from baking scandals, and to prevent citizens from finding out about legitimate scandals (at least in the short term).

      What was accessed in this case was probably some boring inter-NATO administrative emails, with the most interesting stuff being up-coming exercises and the like.

      The stuff that Wikileaks released that inspired this spate of hackings WAS from an air-gapped computer.

      • "Restricted", "sensitive", and "secret" material is low level. [...] It is the sort of stuff that is either not very sensitive (ie enemy agents could figure it out easily just from observing a base or similar) or has only a small window in which it is useful (ie by the time the enemy could react it would be too late).

        Intelligence analysis involves a lot of time and effort collating non-secret, but "sensitive" material.
        Because frequently, sensitive + sensitive + sensitive = secret.

        As an example: Recall the grad student who compiled a map of the USA's fiber infrastructure?
        His master's thesis was classified and the Feds pulled all his citations from public access.
        Another example: The plane spotters who log tail numbers and figured out the CIA's network of private rendition jets.

        The world is full of non-secret information t

    • Because there's no point in having a massive intelligence network if your people can't access the info. And it's really not practical to have to travel to a very specific office somewhere to get the data.

      All your personal data (and mine) is available in a couple of thousand offices too... and can therefore be hacked as well.

  • By now, with all that happened in the last 6 months on this front, you would have though that any computer holding sensitive information was already moved behind an air gap. That IT security experts would have learned that they cannot protect their networks against attack as long as the network is opened to the outside world.

    Either people do not learn, or they are really way to slow at making things change...

    • Well, is the data that sensitive? Here is one they released: http://pdfcast.org/pdf/nato-1 [pdfcast.org] Old and dull. And Sabu yesterday claimed they were about to release a bunch of Sun emails. Now they say they won't. There's a bit more smoke than fire.
    • Re: (Score:2, Insightful)

      by TheCarp ( 96830 )

      Yah maybe if there were actually real threats that NATO was needed for... they might take security seriously. Given that they are just an excuse for nations to dump money into military contractor pockets (much like the US military who hasn't fought a real threat since the early 40s)... well why should they give a shit?

      Intrusions? Data gets lost? Clearly that means they need more budget. This will be a windfall for them.

    • by bberens ( 965711 )
      Meh, "sensitive" is relative. Let me know when it's proven that there's actually some meaningful scandalous data here. Otherwise it's just a "Look what I can do!" Anything the military does or buys is considered sensitive by default. It's silly really.
    • by Andy Dodd ( 701 )

      Or Anonymous thinks the data is a lot more sensitive than it really is.

    • by Xest ( 935314 )

      "By now, with all that happened in the last 6 months on this front, you would have though that any computer holding sensitive information was already moved behind an air gap."

      It goes a bit like this:

      "Nah, it's nothing to worry about, it'll never happen to us. Now get on with doing your Office 2010 upgrades."

  • by AngryDeuce ( 2205124 ) on Thursday July 21, 2011 @08:51AM (#36834068)

    How is it that all these different sites keep getting hacked? I mean, NATO doesn't have access to experts in internet security that are able to defend against these attacks?

    I'm not in the field, obviously, and I know that things are always evolving, but it seems to me that there needs to be more layers in web security. Also, why is there not more encryption on sensitive data? Is encryption more costly if it's more complex?

    I can understand when a corporation gets hacked, they're going cheap on web security because of the costs. But one would think that truly sensitive information with major geopolitical players would be buttoned up pretty damn tight.

    • Re:Wha.... (Score:4, Interesting)

      by flonker ( 526111 ) on Thursday July 21, 2011 @08:56AM (#36834136)

      The thing is, they are not picking targets and then hacking them, rather they are mass scanning to see what is vulnerable then picking through the list to find stuff they find interesting. With that said, you would expect a military organization not to be the "low hanging fruit".

    • by blueg3 ( 192743 )

      Keep in mind most of their targets are large organizations with tons of Internet-connected computers -- one of those machines is bound to have a vulnerability.

  • by ArsenneLupin ( 766289 ) on Thursday July 21, 2011 @08:57AM (#36834148)
    Glad to learn that the boys aren't discouraged by the arrests!
  • These guys probably have shares in some security company...

  • why does every piece of data have to be on the fucking Internet. Just because a computer or a network isn't connected to the Internet, it won't instantaneously burn or explosively self-destruct.

  • If governments were more open and didn't try to keep so many secret, it wouldn't be so bad if they got hacked. By definition, if there were no secrets, they'd be nothing to hack. Perhaps this a motivation behind the attacks by Anonymous: they want to show governments that keeping secrets is no longer worthwhile.

    I think future governments have three choices: 1. Pay the cost of maintaining highly secure systems to keep their secrets (which can never be guaranteed) 2. endure the costs of their secrets being di

  • Some reference... (Score:5, Informative)

    by SCHecklerX ( 229973 ) <greg@gksnetworks.com> on Thursday July 21, 2011 @10:13AM (#36834988) Homepage

    For those of you who don't understand the military's networks. And there are a lot of you, it seems.

    http://en.wikipedia.org/wiki/SIPRNet [wikipedia.org]
    http://en.wikipedia.org/wiki/NIPRNet [wikipedia.org]
    http://en.wikipedia.org/wiki/Sigint [wikipedia.org]

Keep up the good work! But please don't ask me to help.

Working...