Russians Crack US Department of Defense Computers 107
iCEBaLM writes "According to this Excite article, attackers who stole sensitive defense and technical research documents from US Defence Department computers were traced back to the Russian Academy of Sciences, [which is] government funded and has ties to the Russian Millitary. It seems it doesn't stop there and that attacks from Russia are quite widespread against US government and corporate sites. From Russia with Love." No! No! It's state-sponsored Cyberterrorism! [ M.S. : I want to remind readers that there's some serious doubt that these attacks actually exist - see George Smith's Electronic Pearl Harbor for more information.]
What source? (Score:3)
I just think people need to be careful (especially with the press and its tendencies to blow up "cyberterrorism"/defacement stories) that they don't blow things out of proportion.
Whoa, really?!? (Score:3)
And all this time, I thought that hackers were just kids in suburban US basements...
Bullshit (Score:3)
for classified information specifies that
there is no internet connectivity on
computers having classified data on them.
--
Insanity Takes Its Toll. Please Have Exact Change
Probably pretty common. (Score:1)
Yeah, well... (Score:1)
How were they tracked? (Score:2)
After all pretty much any hacker raised durring the cold war period would love to make it look like they were coming from Russia. Soon as the trackers got that far you'd hope their just going to jump on it! Of course now we've got better targets to hide behind but someone from the proper time period with the right mindset....
Re:What source? (Score:1)
Still, it's sad. Perhaps the Pentagon should follow a short little motto: The most secure box on the earth is one that's turned off. (Or at least not connected to the internet without a firewall.)
Is this particularly surprising? (Score:1)
Don't believe it (Score:2)
The Difference (Score:1)
I think it is bogus because.. (Score:1)
It was just a bored sysadmin in one of this intitutions, or a student from Moscow State CS who used to held speed hacking and protection breaking contests...
Re:Bullshit (Score:1)
A document might be classified as "public" or "sensitive" or "top secret" or "top secret: magic" or "top secret: presedential eyes only"
Everything is classified. To which classification something is is what is significant.
My point being, you have know idea what your talking about, so we shouldnt beleive you about security procedures.
One big vicious circle... (Score:1)
Doubtless, this is just the tip of the iceberg. Russia cracks the U.S., U.S. cracks Australia... Does Australia crack Russia? Maybe.
Is there a war going on or something?
-W-
Armor Up for Cyberwar! (Score:1)
beans (Score:1)
"It's Net So It's New!" (Score:3)
Espionage is espionage. Major world superpowers spy on eachother. It's part of the structure of things--a presumption of visibility or "Sunshine" has a way of keeping governmental structures honest.
OK, honest isn't particularly the best of words. The US constitution is based on the concept that no one power structure can be fully trusted, so it places multiple power structures in opposition and dependance upon eachother, on the assumption that the intrinsic weaknesses in one will be balanced by the greed of another.
Heh, it makes about as much sense as Mutually Assured Destruction, but we did manage to make it through the Cold War without any (public) nuclear incidents. There's something amazing in that.
Anyway, if our country is based on the concept of multiple untrustable bodies balancing eachother, geopolitical stability as a whole is probably achieved by multiple untrustable nations spying on eachother, monitoring the behaviors of one another. The war wasn't that cold--just silenced.
Don't be surprised that there are spies online. Spies read newspapers. The NSA auto-downloads a number of sites on a daily basis(so said some guy who runs one of those sites). It's an "Open Source", as they call it. Extending the fact that they use open sources to the fact that they hack in a closed manner isn't ridiculous, or different.
It's standard operating procedure. If the spies weren't using the net, the intelligence level of the intelligence community would be rather suspect.
Are there differences? Yes. For one, the lack of a need for a physical presence at a compromised site--no moles, no informants--is disturbingly efficient. A report of an entire site compromising attack--Linux Kernel Module, uploading to some Australian Samba dropsite, slapped off a compromised Teraterm Pro SSH patch--that took eight seconds to go from full security to zero...the ease of this, compared to the espionage architectures of old, does have an impact.
What were you looking for? An easy answer?
Yours Truly,
Dan Kaminsky
Cisco Systems, NSA Division
http://www.doxpara.com
Can the government keep up with technology? (Score:1)
What are the tech-related issues currently under debate? Who's supporting what? Anybody know?
Your right (Score:1)
sidenote:
The melissa virus actually got onto some DIA computers because someone brought a disk from that was infected, which they arent suppose to do.
And no I don't work for DIA, I just know someone who does.
Re:Is this particularly surprising? (Score:1)
Those in the USA should remember that WE have the right to tell our own government what to do, NOT the other way around! A pointer to all of you special interest groups, which can KMRA.
re: cyberwar (Score:2)
Exactly (Score:2)
Stories like these make for great press, but the only way they are going to get any secret info out of secure defense or intelligence agency is if someone placed the info on a computer outside the internal network. And this is a federal offense!
Re:I think it is bogus because.. (Score:2)
Everybody spies on everybody anyway, so all you need is that "plausible deniability" factor to avoid formal incidents. We'll complain about this, they'll complain about NSA cracks disguised as university student attacks, and everybody will forget about them.
Re:"It's Net So It's New!" (Score:3)
Cisco has a division called NSA--Network Supported Accounts, not No Such Agency.
Unsurprisingly, the real NSA was on my mind as I made this post. LOL. I work for Cisco's Network Supported Accounts division. Big, big, big difference.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
This isn't really a new idea (Score:1)
Re:What source? (Score:2)
In fact, the DoD security rules dictate that any information with more than a given level of sensitivity (I used to know what the level was, but long since forgot) is not to be stored on any computer with a network connection. And access to that computer is physically controlled. So if any important information was even on the public Internet, then whichever DoD employee or contractor put it there ought to be in deep trouble.
what a coincidence! (Score:2)
does anyone else find the link to state-sponsorship just a *little* tenuous? as if the more likely possibility isnt a student or group of students with a little too much free time on their hands?
and besides, if the US is really stupid enough to have classified information even available (connected to) the rest of the internet i think we fricking deserve it.
as for the cuckoo's egg thing (yes i have read it), people should remember that that was in a time where the ussr still owned 1/4 of germany and werent completely bankrupt.
unc_
Re:What source? (Score:1)
But, as I said, it's year old information on what is likely to be an machine with a relatively low level of classification. DoD guidelines say that anything above level x (I don't know the #) cannot be connected to the outside Internet, and word is the Pentagon's network is not only physically set apart but encrypted on the packet level also. So it was not likely something big. (altho granted the DoD has had viruses before from people bringing in disks, a no-no as well).
Seems suspiciously perfect, to me (Score:2)
The problem is that just because "the intrustions appear to originate from Russia," doesn't mean the KGB or whoever is responsible. In fact, the only thing this proves is just that: that the packets came from a computer in Russia. Whether that computer was itself cracked, and whether the information theft was performed at the console, or via a telnet session from Libya, is impossible to determine. But let's be honest: no self-respecting cracker would ever leave a blatant calling card like this, especially not when you're dealing with the US DoD. Chain-telnetting between two,three,five,six boxes before actually cracking a site is pretty much SOP for any serious cracker, which is why I submit that it's far more likely that this crack did not originate from Russia, or if it did, not in direct connection to the University mentioned. I think whoever perpetrated this wanted us to see the University and notice the military connection, and as far as that's concerned we've all fallen hook, line, and sinker.
Re:Whoa, really?!? (Score:1)
IIRC, Gibson proposed something of this nature in
- Count Zero
, where a jockey realized that old silicon (with poor security) never dies, and that much of it had wound up in cash-starved nations in Africa; he staged a mass attack against entire African nations, made off with a lot of ill-protected money, and triggered mass famine and governmental collapse, that kind of thing.Though I'm willing also to concede that the East just has a large (cr|h)acker population -- as Linus has pointed out (on why Linux got done and why complex tech things happen in unlikely European nooks), "the winters are long and dark." :)
Re:What source? (Score:1)
So far, they just questioned him and took images of his hard drives.
----------
Re:Whoa, really?!? (Score:1)
Re:What source? (Score:3)
Sadly, I know some people who have accounts on hundreds of university, nasa, large and small corporation, and personal boxes. Once someone gains access to a box and installs a sniffer, it is fairly easy to gain a large number of accounts.
If I was to exploit a problem in a DOD computer, I would sure as hell use 2-5 intermediaries and possibly some wingates. Also note that the majority of people breaking into these computers really don't give a shit about the sensitive information included on them. For them, its primarily just a digital playpen where you have status for having root on one of those systems.
----------
Re:More Bullshit (Score:1)
Re:what a coincidence! (Score:1)
Anyway, your premise is faulty -- Russia isn't completely bankrupt. It's completely corrupt.
Russian officials who are busy funneling as much as they can to Swiss banks aren't going to bother paying chem/bio warfare experts what they could be paid in the wealthiest nation on Earth or a major oil producer, especially since Russia has plenty of nukes as a deterrent.
And where are the soldiers, miners, and other peons going to go? So why bother paying them if you don't have to? Take the $$$ that comes from selling natural resources and put it in Switzerland, and tell the peons to work or starve.
I doubt it, at least that Rus.Ac.Sc involved (Score:3)
As a former employee of the Russian Academy Sciences (RAS) [www.ras.ru] I strongly doubt that now it is capable of carrying out of anything like this attack. After the collapse of the Soviet Union RAS is in extremely poor condition with most capable people gone either abroad or to commercial companies. Younger people do not join RAS because of very poor working conditions and low wages. It is hard to find anybody younger that 30 there. The monthly salary at RAS is something about US$100 that even in Russia is almost nothing for a computer professional. In fact, I am just waiting when Russian government [www.gov.ru] will openly admit that it does not see any need for science and technology and will close RAS bringing suffering of its employees to the end. And another issue is that very few people in the West understand what RAS is (or was), and RAS name taken alone always leads to some overexpectations. The only thing that RAS has now is its past.
Of course, there is a chance that may be some script kiddy has gotten stuck in RAS but it is quite slim, IMHO. Also in many cases RAS poses simply as an ISP (e.g. domain relarn.ru [relarn.ru]) that is used by some private and government organization. Some descendants of the Soviet KGB are certainly experienced and capable of cyber attacks.
Speaking of Cyberterrorism.. (Score:2)
Sorry to rant, but I'm tired of hear all this cyberterrorism BS. I swear if I heard that word one more time...
E29
It’s a fairly obvious spoof (Score:1)
Chinese-blaming season ended... (Score:1)
Re:Yeah, well... (Score:1)
Their department of science is probably, just like the US' schools equivalent filled to the brims with wannabe eLiTe packeteers.
*yawn* Why can't the packet kiddies realize that smurfing and SYNflooding (and so on) is a *bad thing*
--
Re:Speaking of Cyberterrorism.. (Score:1)
There are a number of private Internets that are used by various federal agencies.
The problem seems to be that sometimes sensitive but unclassified data gets stored on systems connected to the public Internet.
Re:What source? (Score:1)
Relax... :) (Score:1)
So - guess what - I think it's all just some 20-something guys that have enough knowledge and too much spare time and free 'net access. Nothing more here, IMHO.
BTW: These same guys are also making a lots of good soft
Re:Whoa, really?!? (Score:1)
> eastern and third world. Less money,
FreeBSD & Linux are flourishing here (in Russia)...
> older technology,
Yeah, UNIX, I know
> less security information readily available,
You must be kidding.
> fewer trained security people,
A LOT more self-trained people - you spend less time here making money, money, money - more time to learn.
.....
Re:What source? (Score:1)
Though, they did admit that they had his ISP monitor all his traffic for weeks before.
----------
Re:Yes we HAVE state sponsored cyberterrorism. (Score:1)
now for something on-topic..
I see people getting their panties all in a knot.. but this news isn't any different than the news several days ago about the attack on the aussy exchange from american gov (or was it mil?) site.
//rdj
Re:Whoa, really?!? (Score:3)
As I just went home to Ukraine recently, I was a bit surprised at the amount of software on the streets.
Computers fell to the $200 range, no one cares about top of the line machines there, but a lot have 3d accelerators installed.
Average software package runs you $1.5, stuff like Microsoft Office 2000 Premium was $6.
Computer programming is a required class in all high schools. Now, if you take into account that we learn Algebra in 5th grade and Physics in 6th, why are you surprised? We graduate as programmers. We still use DOS on a daily basis. It is starting to become Netadmin-only thing here in US.
English is also a required class, for at least 4 years.
So what do you get? People who are highly skilled in computer technology and who have no way of utilizing that skill in their country.
Would you hire them to spy on other countries? Would they agree? Yep, nothing to lose with non-existant computer laws.
The kids there do not think of sports or showbusiness as a #1 career, they are into the IT. There is no such thing as legal software either. If I need say HP Openview, I'll get it free from a friend or for $1.5 on any street corner. Yes, the duplicated software is sold more openly than drugs but in the same fashion.
It is cheaper for me to order a lot latest games already modified and pay for the air international shipping rather than to hit a local store.
People do have time to burn, and software engineering is probably the most profitable career choice.
You'll be seeing a lot more of this.
--
Leonid S. Knyshov
Network Administrator
A Few Notes (Score:1)
Sensitive data might seem innocuous to the casual observer. A single piece may mean little. But a group of specialists with many sensitive pieces can discern what the classified object is. If you don't believe that, you are fairly ignorant of basic espionage techniques.
China's stated goal is to eclipse the United States within 50 years. In the recent US spy trials, it was disclosed that China has a plan on the books to launch a nuclear attack on the US within 5 years (before the US missile defense systems begin deployment) China estimates each side would "lose" about 150 million people, or roughly 10% of the Chinese population, a loss they consider acceptable. China is a human rights nightmare, with a communist government that is anti choice and anti market. If you dislike the US Government and the DOJ, wait till you try running a business in China. BTW, Bill Gates has a lot of admiration for China and visits Beijing regularly. Apparently, antichoice/monolithic thinkers enjoy each other's company.
Russia has a lot of brilliant scientists and programmers. They are also in severe economic trouble, and have a terrible problem with organized crime. It's becoming clear that a lot of the "old guard" remain in power, especially given the recent embezzlings and amazingly efficient population roundups (following the terrrorist bombings) I don't doubt someone in the sciences is making a concerted effort to hack the US Military.
Obviously, something happened on the US bases. A couple months ago, everyone had to rotate their passwords, and the comm people were running all over the bases. An ISP had their contract pulled from at least one base, due to the tightening.
Finally, *something did happen*. Possibly something bad. For all the comments about "Oh, well, every country does it, big deal", try to remember that the United States is a great protector of freedom, and many of the countries listed in the article have pledged to kill all Americans in the name of religion, or wish to deny people a free market and choice via the use of the communist system.
The loss of a major technology to a communist or radical religion-based country could mean the difference between slavery and freedom, or death, for generations of people.
Re:A Few Notes (Score:2)
the classified object is. If you don't believe that, you are fairly ignorant of basic espionage techniques.
This is a very good point. My current boss did crypto work for the military before he went into IT. One point that he, and everyone else I have ever talked to have made is what you have said.
i.e. If some secretary puts in an order for 50,000 Winter gear sets via email that is not considered classified. Any intelligent person could discern that there are probably going to be troops sent to a winter region somewhere. Combine this email with various others. It's all about seeing the patterns in things. I'm sure if you were handed printouts of 50 random military emails you could probably glean some very sensitive information from it.
moderators: mark up the parent of this thread.
Re:Speaking of Cyberterrorism.. (Score:1)
I feel the reagan years coming on again (Score:1)
kapitalisticheskie cobachki! Znaem myi vas!!
Re:Bullshit (Score:1)
Who is to say that something is classified or not?
One mans junk is another mans treasure, sure some things might not be classified (according to the liars) but how dangerous are these information? Could be very dangerous, shipment orders might not be classified, but obtaining a list of these could give you an idea of what they are buying and what they will be build from what they are buying, perhaps what they are trying to build is classified? The military needs to pull all of its computer off the internet, They are pathetic, You can still find some sites today exporting / to everyone, (rw).
uh, excuse moi... (Score:1)
Re: People do it all the time (Score:1)
Poor Russians (Score:1)
our research centers like China does?
YA Cuckoo's Egg reference (Score:1)
information with certain people who may not
be a member of your organisation and the need
for security.
Computers work best when they can talk to other computers. Systems can be secured,
but if they are so bulky, nobody will use them.
But still, you are right.
Building secure systems are tricky, and the
people designing the systems need to know this stuff.
Not classified Info. (Score:1)
intruders had stolen "unclassified but still-sensitive information about essentially defense/technical research matters."
And maybe they didn't come through the Internet but through an internal network using telephones. (I don't know but I don't think the article says either way.)
But I agree with those who say that the article is just full of Cyber-hype.
Re: People do it all the time (Score:1)
Nor are you allowed to bring a floppy disk, or even a radio!
Re:what a coincidence! (Score:1)
> private citizens can afford to do it?
---------
it costs plenty when the gov't has to pay people to do it for them. private citizens dont pay themselves for things they want to do. but who is going to work (for someone else) for free?
---------
> Anyway, your premise is faulty -- Russia isn't completely bankrupt. It's completely corrupt.
---------
that ends up being the same thing. do you think corrupt officials have the best interests of their government in mind when theyre skimming money? so you think the same bastards ripping off the system are going to turn around and give the money back to pay the salaries of people below them? give me a break. havent you kept up with any news? most of the russian military hasnt been paid in months.
also take a look at the most corrupt governments in the world. with the lone exception of china, those same governments tend to be the poorest. (latin america, southeast asia, africa, etc)
-----------
Russian officials who are busy funneling as much as they can to Swiss banks aren't going to bother paying chem/bio warfare experts what they could be paid in the wealthiest nation on Earth or a major oil producer, especially since Russia has plenty of nukes as a deterrent.
-----------
youre missing the point. russia has lost track of a lot of nukes- soldiers are deserting and in some cases stealing nuke components. the russian govt is falling apart. they dont have time or money for this kind of crap.
Re:A Few Notes (Score:1)
try to remember that the United States is a great protector of freedom, and many of the countries listed in the article have pledged to kill all Americans in the name of religion, or wish to deny people a free market and choice via the use of the communist system.
please!! you are very naive!
i suppose giving a hand to pinochet helped protect people's freedom in chilli?
it's maybe true that north american citizens enjoy more freedom, but the USA is the country that did the most trouble on earth for the past decades.
i suppose you believe your government when they say they're going to kosovo protect the poor people over there, or they're going to koweit protect the orphan babies from the bad and evil irakian? what about viet nam? and the list goes on
i'm not saying that americans are more evil than anyone else, anyone else would have done this at their place, maybe even worse.
but do not forget that the normal chinese citizen, or russian citizen, is much more your friend than your government.
there's an anarchist slogan that says "if democracy really worked, it would have been banned since a long time"
oh, before you call me a radical eastern european or whatever, let me say that i live in north america. in quebec. do you know where it is? sadly, a lot of americans think the world stops at their frontier.
and sorry for my bad english spelling
cob2k25
Humans Weak Link (Score:2)
I remember reading about an event that happened several years ago. You'll have to forgive me - I'm fuzzy on the details (maybe someone else has read the same account and can fill in the gaps). But it went something like this...
Some guy was tracking down attacks on his systems (University, I think). Amoung the jump-points of the attacks was a Naval research facility. The guy met with the facility's COMSEC person. After some audit of their networked systems, the COMSEC guy was horrified to find the amount of data that had crossed from their "air firewall" systems to the networked systems. People transferred data on their own accord to make their jobs easier. They also disregarded security.
Now, this certainly doesn't mean that some Navy public web site is also a secret harbor of highly classified documents. And the press sure doesn't do much to limit this kind of wrong impression. However, one also has to be aware that despite rules and regulations, sensitive data might still be vulnerable.
Sorry man, you are wrong. (Score:2)
The security people happen to error on the side of EXTREME paranoia when clasifying data. What does this mean? It means that they will slap a "confidential" label on anything that could be considered even remotely interesting. And then it's usually not very usefull data anyway. If you want something interesting you usually end up dealing with S/SAR or TS material. (needless to say, this makes engineering life a royal PAIN in the arse.)
Let's talk networks now, shall we?
Networks that deal with different class levels have to be isolated. In between class levels you can SOMETIMES get away with firewall or crypto type isolation. sometimes. (like you can install a 1 way gate between a lower level and higher level to allow data be moved from a low level on up). To go from higher to lower level you have this god awfull procedure to follow. very "unfun".
From unclassified to ANY classification level ye olde NISPOM (gov security manual) says you must have physical media isolation. Period. An they really want you to go a step further and separate the wires by at least 1 meter. Fiber is prefered.
So, to conclude my rambling so I can go do something usefull, if someone stole truly "classified" data from a system that was accessiable via the Internet, somebody broke the rules on the DoD side. While that is possible, security folks tend to be really really paranoid and I doubt any data they stole was really classified.
later,
dv
But isnt this what the US government normally does (Score:1)
Re: People do it all the time (Score:1)
Re:Just another death-throe of the dying Bear... (Score:1)
Lies, classifications, and documents (Score:2)
Yep. The military complex is really just a big country club of spooks. They spend their time sipping Mai-Tais and lacing the public water supply with paranoia-inducing drugs. The last thing they want to deal with is pesky issues like information security and classifications.
The military is actually quite aware of how sensitive information is. And they're quite good at deturmining a classification level. But stamping a classification on a document isn't all - ensuring the document is handled properly is the problem.
Once again, you might be interested to know that this is hardly an unknown concept to the military. They refer to it as "essential elements of friendly information" (EEFI). When enough elements of unclassified information is gathered, classified information may be revealed.
Lets look at a common example of EEFI. Say a unit is going to be deployed to SandLand. Those orders are classified. However, observers are able to note changes in work schedules and large movments of equipment. They also know the unit is a rapid deployment unit. Furthermore, it is coming on winter. Yet, military personnel are observed buying a lot of warm-weather gear (shorts, shirts, sandels, sun screen, sunglasses). Its obvious that the unit is preparing to deploy to a hot climate. Scanning CNN reveals that there is some recent unrest in SandLand. Its a safe bet that the unit being observed will be deploying to SandLand.
Secure information is compromised without the actual involvement of secure documents.
What does the military do about EEFI? Classifying all and every document within the military would make day to day operations near impossible. Instead, the military attempts to keep aware of the dangers of EEFI and, via that awareness, try to limit the amount of information made available.
Re:"It's Net So It's New!" (Score:1)
If you could be sure where a connection came from, and could trust that source, you're a whole lot less likely to be stung than if you're wide open to any attack at all.
The attack you mentioned, involving Australia, is a case in point. The attacker came through the same ISP, had the same username and same password, but was not actually on the NT machine the legit user used. "Yes, " you might say, "but any key that the NT machine used would also be vulnerable to being copied!" That's true. However, that was a surgical strike. The attacker couldn't possibly have scanned for which (if any) IPSEC system was being used, located the keys, and transferred them to somewhere safe, as well as doing all the other evil things to the NT machine they did, in the timeframe involved.
Precicely because IPSEC is so rare, it's powerful, because people wouldn't necessarily stop to look for it.
(Besides, if the NT had IPSEC installed, they could have locked out connections from any unauthenticated host, thus preventing a break-in in the first place.)
There's no magic pill in security, but there are plenty of options out there, many of which could prevent any but the most determined of attacks. It's sad when the DoD has to cry wolf to upgrade their systems. Doubly so when they're perfectly aware of alternative software which could offer greater security and greater performance at zero cost.
Re:Speaking of Cyberterrorism.. (Score:1)
Or so they told me.
Will we all (/.) get enlisted?!?! (Score:1)
If at some point in the future we do have a cyberwar with someone, does it mean that all
The word "woman" is no longer politically correct.
Re:I doubt it, at least that Rus.Ac.Sc involved (Score:1)
wages. It is hard to find anybody younger that 30 there. The monthly salary at RAS is something about US$100 that even in Russia is almost nothing for a computer professional.
You have a narrow viewpoint, my friend. I'm a current employee of the RAS (the Institute of Astronomy, to be exact). I'm 26. There are at least 6 other employees in my age group here, out of about 50 people for the whole Institute. That's over 10% - not much, but definitely not "hard to find" (granted, we're relatively small and "rich" by RAS standards). Most us ARE computer professionals; we make a living by taking second jobs in the private sector. Why bother with the RAS job in the first place then? (BTW, your numbers are out of date. The average RAS salary is below $50 nowadays) Well, it seems a lot of people here like science too much to abandon it for the sake of a boring full-time, better-paying job. Why would I want to waste all my time on high-paying software development, when I can spend at least some of it studying extragalactic globular clusters just for the fun of it? Believe me, it works. It's the same situation all over the place here. Take theatre. Actors make the same $50/month. Yet the Moscow theatre scene is quite active. Some crazy Russians, we just like our calling too much. Thank God for that, it's the only reason ANYTHING still happens over here. (That said, I'm probably being a hypocrite, having just accepted a job offer from abroad... But at least the job is still in science.)
Now, for the original Excite article. What a load of crap... from the Russian Academy of Sciences, a government-supported organization said to interact with Russia's top military labs. Excuse me while I pick myself off the floor. "Government-supported?" Sounds very sinister, right? Heck, it's the bloody Academy of Sciences! That's like the National Science Foundation. Like, man, fundamental sciences! Who'd you expect us to be funded by, the bloody Bolshevichka Textile Factory? You insightful idiots^H^H^H^H^H^Hreporters! Anyway, the "RAS" itslef could hardly be considered an "organization" in the conventional sense. It's just a big bunch of independent (as in no money = independence) scientific institutions, plus a governing body that's mostly concerned with distributing the meager funds, and providing employment to an army of useless bureacrats. Perhaps these paper-pushers are the "suspects" referred to by "a U.S. official"? If the attack did come from within RAS, it's most likely just a random cracker-wannabe practising his stuff. I mean, what else is there to hack? The KGB would be a nice primary target, but they're not on the Internet... The Pentagon, conspiciously and appetizingly, is.
As for "interaction with top military labs", aside from the fact that this is a bit of an oxymoron (after all, this is the same military that has just trumpeted their novel idea of air strikes against Chechnya. After watching NATO bomb Yugoslavia for months. "Hey, General Ivanov, do you think NATO might have an idea there? One would think they might be trying to avoid casualties, or something?"), there is some truth in that. Even our Institute had a military liason section at one point in the distant past, supposedly concerned with ground-based observations of satellites. These Very Important Observations usually manifested themselves as empty [cheap] champagne bottles and used prophylactics, found by the janitor in the mornings... Sure, in the Communist days even mainstream science was subjugated to "military necessity". Remember the space station we had before "Mir", "Salyut-7"? The one that quite unexpectedly went down? The reason they lost it was because of the military equipment on board. Whenever the military would operate their stuff, they'd chase all civilian personnel from the Control Center (not enough security clearance!), and install various officers at the consoles. One fine day they decided to enable some not-quite-tested military subsystem just as Salyut-7 was going offline (that is, out of radio visibility, relative to operational ground links). When it came back online half an orbit later, the fuel tanks were empty and it was spinning madly in all directions at once. Apparently, the subsystem in question somehow caused all the correction engines to fire... and fire... and fire... A short time later, the whole contraption was burning up in somebody's backyard in (IIRC) Argentina. And no, I didn't make this up: I used to know one of the Salyut-7 engineers. Anyway, are we expected to believe that this bunch has actually mounted some sort of concerted computer attack?
As a final ironic twist on the story, do you know that most of RAS's 'net connectivity (at least within Moscow) has been funded by none other than George Soros? The guy whose philantropic activities were viewed by some of the rabidly-patriotic, anti-American crowd as a "CIA operation to get Russia's choicest scientific secrets on the cheap" (which did not stop them from actively applying for Soros grants, though). So, if we assign the same credibility rating to the Excite piece and the rabid Russophiles (which I believe is completely justified, based on the quality of the reporting), we have the CIA ultimately funding Russian attacks on the DoD... Way better than Le Carre, IMHO...
Re:Just another death-throe of the dying Bear... (Score:1)
You'd think if they didn't send the video someone would have said something by now. I'm not going to wade off into regional politics that i have a half-baked understanding of, but I think it's sad that wars over ethnic and religious hatred are still occurring as 2000 approaches.
Re:Bullshit (Score:1)