
Russians Crack US Department of Defense Computers 107

iCEBaLM writes "According to this Excite article, attackers who stole sensitive defense and technical research documents from US Defence Department computers were traced back to the Russian Academy of Sciences, [which is] government funded and has ties to the Russian Military. It seems it doesn't stop there and that attacks from Russia are quite widespread against US government and corporate sites. From Russia with Love." No! No! It's state-sponsored Cyberterrorism! [ M.S. : I want to remind readers that there's some serious doubt that these attacks actually exist - see George Smith's Electronic Pearl Harbor for more information.]

  • by Uller-RM ( 65231 ) on Wednesday October 06, 1999 @06:51PM (#1632609) Homepage
    Routing can be spoofed, after all. And because the school has ties to Russia's military, it doesn't mean the cracks (if they really happened) were driven by military forces. It could just be college CS students on the rampage, happens all the time.

    I just think people need to be careful (especially with the press and its tendencies to blow up "cyberterrorism"/defacement stories) that they don't blow things out of proportion.

  • by kurowski ( 11243 ) on Wednesday October 06, 1999 @06:52PM (#1632610) Homepage
    You mean, there are actually people in Russia trying to hack into US computers? I knew it! They must be in league with the kid from Spain that just portscanned my box.

    And all this time, I thought that hackers were just kids in suburban US basements...
  • by Lally Singh ( 3427 ) on Wednesday October 06, 1999 @06:52PM (#1632611) Journal
    The Dept Of Defense security requirements
    for classified information specifies that
    there is no internet connectivity on
    computers having classified data on them.

    Insanity Takes Its Toll. Please Have Exact Change

  • I'm sure the spooks in the USA have a bunch of people hacking into Russian computers, and Thailand has people hacking into Ecuador's computers, etc etc.

  • by Anonymous Coward
    Their department of science is no match for our thousands of annoying Script Kiddies! It's time to organize these young punks and get more strategic with packet flooding!
  • I haven't read the articles too closely yet but I wonder how reliably they tracked them.

    After all pretty much any hacker raised during the cold war period would love to make it look like they were coming from Russia. Soon as the trackers got that far you'd hope they're just going to jump on it! Of course now we've got better targets to hide behind but someone from the proper time period with the right mindset....
  • Just a quick post-note: also keep in mind that this happened nearly a year ago, and just NOW got traced to Russia. That's an awfully wide margin, and would have trouble holding up even in a LA court of law. ;) And as it is no doubt between the rise in hacking, nuclear proliferation, etc. things have likely changed quite a bit.

    Still, it's sad. Perhaps the Pentagon should follow a short little motto: The most secure box on the earth is one that's turned off. (Or at least not connected to the internet without a firewall.)

  • Even if the Russian Government is responsible for the attack, what is the surprise? Governments are constantly spying on each other, and no doubt the U.S. has made attacks on Russian systems, just because WE didn't hear about it doesn't mean it didn't happen. A case in point is the U.S. distribution of Japanese and German cryptographic techniques which they had cracked to their allies so that they could have almost instant access to sensitive data, despite their supposed affiliation with these nations. Why would that change now?
  • Probably invented by government agents who don't want to get downsized like the military.
  • The difference between the US and Russian government would never let a story like this leak to the press. Maybe it is just hubris, but I would be extremely surprised if we (the US) were not keeping close tabs on Russian government servers.
  • ...why go thru the trouble of hacking into something over rather congested, and obviously monitored Russia external Internet links? When any of these scientists can get a perfectly legal visa to US, rent a house, buy a T1 and hack 24/7..
    It was just a bored sysadmin in one of these institutions, or a student from Moscow State CS who used to hold speed hacking and protection breaking contests...
  • "Classified Information" doesn't mean anything.

    A document might be classified as "public" or "sensitive" or "top secret" or "top secret: magic" or "top secret: presidential eyes only"

    Everything is classified. To which classification something is is what is significant.

    My point being, you have no idea what you're talking about, so we shouldn't believe you about security procedures.

  • How interesting. Assuming the ultimate source of this information is reliable, that's the second widely-publicized cyberspy vs. cyberspy incident I've heard of this week.

    Doubtless, this is just the tip of the iceberg. Russia cracks the U.S., U.S. cracks Australia... Does Australia crack Russia? Maybe.

    Is there a war going on or something?

  • If the government wants to seriously confront the problem of foreign intrusion into critical systems, then it should forthwith remove all restrictions on strong data encryption. Strong encryption and secure communication protocols are the only defense against this kind of invasion.
  • the article said that the documents were not classified but still sensitive. it seems to me that if you had documents you didn't want people to get classified or otherwise, you wouldn't put them in places where they could be got. they should be on a computer not connected to a network or the DOD should get a better network security team. Andrew
  • by Effugas ( 2378 ) on Wednesday October 06, 1999 @07:11PM (#1632628) Homepage
    Fresh from the US Patent Office, more of everyone's favorite pastime, "It's Net So It's New!"

    Espionage is espionage. Major world superpowers spy on each other. It's part of the structure of things--a presumption of visibility or "Sunshine" has a way of keeping governmental structures honest.

    OK, honest isn't particularly the best of words. The US constitution is based on the concept that no one power structure can be fully trusted, so it places multiple power structures in opposition and dependence upon each other, on the assumption that the intrinsic weaknesses in one will be balanced by the greed of another.

    Heh, it makes about as much sense as Mutually Assured Destruction, but we did manage to make it through the Cold War without any (public) nuclear incidents. There's something amazing in that.

    Anyway, if our country is based on the concept of multiple untrustable bodies balancing each other, geopolitical stability as a whole is probably achieved by multiple untrustable nations spying on each other, monitoring the behaviors of one another. The war wasn't that cold--just silenced.

    Don't be surprised that there are spies online. Spies read newspapers. The NSA auto-downloads a number of sites on a daily basis (so said some guy who runs one of those sites). It's an "Open Source", as they call it. Extending the fact that they use open sources to the fact that they hack in a closed manner isn't ridiculous, or different.

    It's standard operating procedure. If the spies weren't using the net, the intelligence level of the intelligence community would be rather suspect.

    Are there differences? Yes. For one, the lack of a need for a physical presence at a compromised site--no moles, no informants--is disturbingly efficient. A report of an entire site compromising attack--Linux Kernel Module, uploading to some Australian Samba dropsite, slapped off a compromised Teraterm Pro SSH patch--that took eight seconds to go from full security to zero...the ease of this, compared to the espionage architectures of old, does have an impact.

    What were you looking for? An easy answer?

    Yours Truly,

    Dan Kaminsky
    Cisco Systems, NSA Division

  • From my relatively limited perspective it seems like computer-related crime is treated relatively lightly in DC. Nothing much happened to the guy who was violating security regarding information and allegedly giving it to the Chinese, did it? Even if they've found the Russians, groups with better technology and techniques could have the potential to do bad stuff and are waiting for an opportune time, or worse, they're doing stuff now, but we aren't seeing them.

    What are the tech-related issues currently under debate? Who's supporting what? Anybody know?
  • I know DIA doesn't have their computers connected to the web. And they are connected to CIA, NSA, the Pentagon and bunch of other places. Of course there is a lot of stuff put out on the web which by itself isn't classified but when used together it is. Too bad DIA runs NT, they never get anything done.

    The melissa virus actually got onto some DIA computers because someone brought a disk from that was infected, which they aren't supposed to do.

    And no I don't work for DIA, I just know someone who does.
  • Actually this is no big surprise, but then again the fear factor kicks in here as far as factual information from the US government, or the general press. Waco is a perfect example of what the government DID, then covered up, (even though actual footage showed different, which was suppressed) and "now" it's being downplayed.

    Those in the USA should remember that WE have the right to tell our own government what to do, NOT the other way around! A pointer to all of you special interest groups, which can KMRA. ;)
  • I thought the rule was "don't put anything on the net unless you want the whole world to see it".
  • by Anonymous Coward
    I worked for a defense contractor a while and it is true--none of the computers inside a secure area are connected to anything outside the closed and encrypted DoD network. We had to go physically outside the secure area to access the net via separate computers.

    Stories like these make for great press, but the only way they are going to get any secret info out of secure defense or intelligence agency is if someone placed the info on a computer outside the internal network. And this is a federal offense!
  • Er, if your cracker is caught in the U.S., he can be legally imprisoned for espionage. If he's in Russia, he can't be arrested by the U.S. authorities. This way, the Russian government has plausible deniability (at worst, they kick out a student who was going to flunk out anyway and blame him), and they didn't risk having their spies arrested in the U.S.

    Everybody spies on everybody anyway, so all you need is that "plausible deniability" factor to avoid formal incidents. We'll complain about this, they'll complain about NSA cracks disguised as university student attacks, and everybody will forget about them.
  • by Effugas ( 2378 ) on Wednesday October 06, 1999 @07:32PM (#1632636) Homepage
    Quick clarification (because SOMEBODY's going to ask, because I put down the wrong signature):

    Cisco has a division called NSA--Network Supported Accounts, not No Such Agency.

    Unsurprisingly, the real NSA was on my mind as I made this post. LOL. I work for Cisco's Network Supported Accounts division. Big, big, big difference.

    Yours Truly,

    Dan Kaminsky
    DoxPara Research

  • Read The Cuckoo's Egg. Same story. Except the attackers were located in Germany. But I believe that they were being paid by the Soviet government.
  • Still, it's sad. Perhaps the Pentagon should follow a short little motto: The most secure box on the earth is one that's turned off. (Or at least not connected to the internet without a firewall.)
    s/without a firewall//

    In fact, the DoD security rules dictate that any information with more than a given level of sensitivity (I used to know what the level was, but long since forgot) is not to be stored on any computer with a network connection. And access to that computer is physically controlled. So if any important information was even on the public Internet, then whichever DoD employee or contractor put it there ought to be in deep trouble.

  • funny that this same government the fbi says may be sponsoring cyberterrorism is the same one that cant even afford to pay the soldiers guarding its nuclear arsenal. or the scientists that developed its chemical and biological weapons (and are being heavily recruited by the US and Iran).

    does anyone else find the link to state-sponsorship just a *little* tenuous? as if the more likely possibility isnt a student or group of students with a little too much free time on their hands?

    and besides, if the US is really stupid enough to have classified information even available (connected to) the rest of the internet i think we fricking deserve it.

    as for the cuckoo's egg thing (yes i have read it), people should remember that that was in a time where the ussr still owned 1/4 of germany and werent completely bankrupt.

  • s/deep trouble/federal offense/g actually.

    But, as I said, it's year old information on what is likely to be a machine with a relatively low level of classification. DoD guidelines say that anything above level x (I don't know the #) cannot be connected to the outside Internet, and word is the Pentagon's network is not only physically set apart but encrypted on the packet level also. So it was not likely something big. (altho granted the DoD has had viruses before from people bringing in disks, a no-no as well).

  • Think about it: if you were a small, third world country looking to steal a few secrets from the last remaining superpower in the world, whom do you pick to masquerade as the actual attacker? Duh! It's Russia - the same Russia who we (America) has spent hundreds of billions racing for arms with, stockpiling nukes with, etcetera, etcetera. From an outdated historical perspective, it's perfectly reasonable, almost impulsive, to assume that any probe concerning classified data would be coming from Russia, public enemy #1 for pretty much the latter half of this century.

    The problem is that just because "the intrusions appear to originate from Russia," doesn't mean the KGB or whoever is responsible. In fact, the only thing this proves is just that: that the packets came from a computer in Russia. Whether that computer was itself cracked, and whether the information theft was performed at the console, or via a telnet session from Libya, is impossible to determine. But let's be honest: no self-respecting cracker would ever leave a blatant calling card like this, especially not when you're dealing with the US DoD. Chain-telnetting between two, three, five, six boxes before actually cracking a site is pretty much SOP for any serious cracker, which is why I submit that it's far more likely that this crack did not originate from Russia, or if it did, not in direct connection to the University mentioned. I think whoever perpetrated this wanted us to see the University and notice the military connection, and as far as that's concerned we've all fallen hook, line, and sinker.
  • <laugh> I rather wonder to what degree this sort of thing is due to some excess quantity of (h|cr)acker types in Russia and how much is due to the relatively poor state of computer security in much of the eastern and third world. Less money, older technology, less security information readily available, fewer trained security people, lesser availability of systems leading to less experienced userbase, that kind of thing. A great many of the security attacks I've seen have involved second- and third-world staging points, I presume largely for that reason (I fondly remember one from Chile in particular).

    IIRC, Gibson proposed something of this nature in Count Zero, where a jockey realized that old silicon (with poor security) never dies, and that much of it had wound up in cash-starved nations in Africa; he staged a mass attack against entire African nations, made off with a lot of ill-protected money, and triggered mass famine and governmental collapse, that kind of thing.

    Though I'm willing also to concede that the East just has a large (cr|h)acker population -- as Linus has pointed out (on why Linux got done and why complex tech things happen in unlikely European nooks), "the winters are long and dark." :)

  • I know a friend who is just now being accused of breaking into a naval base computer with sensitive information and installing a sniffer a year after it supposedly happened. Apparently they haven't gotten around until now to read their vast log files. He isn't guilty though. We were just playing with a 2000 dup broadcast problem that they had on site to smurf each other (though I see the error of my ways now, so don't criticize me).

    So far, they just questioned him and took images of his hard drives.
  • Ack. That was meant to be an underline. And now it's produced some <<bad HTML, too. Rob, save me.
  • by dennisp ( 66527 ) on Wednesday October 06, 1999 @08:25PM (#1632650)
    As well, hackers have accounts on thousands of boxes. I once got smurfed by a university in Hong Kong and found the next day that several of their boxes had been compromised. I doubt students of that college would knowingly connect to US DOD computers without using an intermediary. If they did, they are either stupid or laughing in the face of the US govt (which i doubt). If they were working for the russian military I think they would want them to be a little more inconspicuous.

    Sadly, I know some people who have accounts on hundreds of university, nasa, large and small corporation, and personal boxes. Once someone gains access to a box and installs a sniffer, it is fairly easy to gain a large number of accounts.

    If I was to exploit a problem in a DOD computer, I would sure as hell use 2-5 intermediaries and possibly some wingates. Also note that the majority of people breaking into these computers really don't give a shit about the sensitive information included on them. For them, it's primarily just a digital playpen where you have status for having root on one of those systems.
  • You should believe him because he's right. The US government is extremely anal about electronic systems. I happen to work for a government contractor and there are more rules than you can shake a stick at. You can't even bring any electronic devices/media near classified systems let alone hook them up to a public network.
  • Ahem. How much does it cost to crack systems when private citizens can afford to do it?

    Anyway, your premise is faulty -- Russia isn't completely bankrupt. It's completely corrupt.

    Russian officials who are busy funneling as much as they can to Swiss banks aren't going to bother paying chem/bio warfare experts what they could be paid in the wealthiest nation on Earth or a major oil producer, especially since Russia has plenty of nukes as a deterrent.

    And where are the soldiers, miners, and other peons going to go? So why bother paying them if you don't have to? Take the $$$ that comes from selling natural resources and put it in Switzerland, and tell the peons to work or starve.
  • by srk ( 49331 ) on Wednesday October 06, 1999 @08:41PM (#1632653) Homepage

    As a former employee of the Russian Academy of Sciences (RAS) [www.ras.ru] I strongly doubt that now it is capable of carrying out of anything like this attack. After the collapse of the Soviet Union RAS is in extremely poor condition with most capable people gone either abroad or to commercial companies. Younger people do not join RAS because of very poor working conditions and low wages. It is hard to find anybody younger than 30 there. The monthly salary at RAS is something about US$100 that even in Russia is almost nothing for a computer professional. In fact, I am just waiting when Russian government [www.gov.ru] will openly admit that it does not see any need for science and technology and will close RAS bringing suffering of its employees to the end. And another issue is that very few people in the West understand what RAS is (or was), and RAS name taken alone always leads to some overexpectations. The only thing that RAS has now is its past.

    Of course, there is a chance that may be some script kiddy has gotten stuck in RAS but it is quite slim, IMHO. Also in many cases RAS poses simply as an ISP (e.g. domain relarn.ru [relarn.ru]) that is used by some private and government organization. Some descendants of the Soviet KGB are certainly experienced and capable of cyber attacks.

  • I'm quite shocked that no one has mentioned what is obviously the easiest defense against cyberterrorism. DO NOT CONNECT COMPUTERS WITH SENSITIVE INFORMATION OR FUNCTIONS TO THE INTERNET. Sorry to shout, but why doesn't anybody think of this. If people can't connect with the computer they can't perform cyberterrorism. If having these sensitive systems on some sort of WAN is important then build your own damn WAN. Large corporations have been doing it for years. I don't see cyberterrorism as a threat, I see government/managerial stupidity as a threat.

    Sorry to rant, but I'm tired of hearing all this cyberterrorism BS. I swear if I heard that word one more time...

  • a lot of times crackers will use universities to spoof their IP through since universities have tons of user accounts and typically easy passwords to guess.. this could be anyone in the world who thought it was funny to use a Russian network to crack US computers...
  • ...now everybody start blaming Russians for all US government's troubles.
  • Their department of science is no match for our thousands of annoying Script Kiddies! It's time to organize these young punks and get more strategic with packet flooding!

    Their department of science is probably, just like the US' schools equivalent filled to the brims with wannabe eLiTe packeteers.

    *yawn* Why can't the packet kiddies realize that smurfing and SYNflooding (and so on) is a *bad thing*

  • That is exactly what the U.S. government does with systems handling classified or critical data.

    There are a number of private Internets that are used by various federal agencies.

    The problem seems to be that sometimes sensitive but unclassified data gets stored on systems connected to the public Internet.

  • damnation... they were nice enough to only take IMAGES of his hard drive? I thought whenever the Feds came they generally take all your goods and you likely never see them again (regardless of guilt).
  • May I tell you that even if some hacking comes out of RAS (Russian Academy of Science) it doesn't mean a thing 'cos these days all these institutions here in Russia are populated by young graduates (seeking to evade conscription into army - by law if after graduating from university you go "into science" you get a "delay" from conscription as long as you work there) and mostly elder staff that are, mostly again, afraid of computers and 'net.
    So - guess what - I think it's all just some 20-something guys that have enough knowledge and too much spare time and free 'net access. Nothing more here, IMHO.
    BTW: These same guys are also making a lots of good soft :-)
  • > relatively poor state of computer security in much of the
    > eastern and third world. Less money,

    FreeBSD & Linux are flourishing here (in Russia)...

    > older technology,

    Yeah, UNIX, I know ;-)

    > less security information readily available,

    You must be kidding.

    > fewer trained security people,

    A LOT more self-trained people - you spend less time here making money, money, money - more time to learn.

  • Yeah, it was an unofficial operation at that point. Two men just arrived unannounced and asked to have images of his hard drives. I don't think they suspected him of anything serious since they called the first time to ask if he knew anything about it.

    Though, they did admit that they had his ISP monitor all his traffic for weeks before.
  • That would be ergo, not ego (meaning 'I' or 'me')

    now for something on-topic..
    I see people getting their panties all in a knot.. but this news isn't any different than the news several days ago about the attack on the aussy exchange from american gov (or was it mil?) site.

  • by Wiseleo ( 15092 ) on Wednesday October 06, 1999 @11:15PM (#1632668) Homepage

    As I just went home to Ukraine recently, I was a bit surprised at the amount of software on the streets.

    Computers fell to the $200 range, no one cares about top of the line machines there, but a lot have 3d accelerators installed.

    Average software package runs you $1.5, stuff like Microsoft Office 2000 Premium was $6.

    Computer programming is a required class in all high schools. Now, if you take into account that we learn Algebra in 5th grade and Physics in 6th, why are you surprised? We graduate as programmers. We still use DOS on a daily basis. It is starting to become Netadmin-only thing here in US.

    English is also a required class, for at least 4 years.

    So what do you get? People who are highly skilled in computer technology and who have no way of utilizing that skill in their country.

    Would you hire them to spy on other countries? Would they agree? Yep, nothing to lose with non-existent computer laws.

    The kids there do not think of sports or showbusiness as a #1 career, they are into the IT. There is no such thing as legal software either. If I need say HP Openview, I'll get it free from a friend or for $1.5 on any street corner. Yes, the duplicated software is sold more openly than drugs but in the same fashion.

    It is cheaper for me to order a lot latest games already modified and pay for the air international shipping rather than to hit a local store.

    People do have time to burn, and software engineering is probably the most profitable career choice.

    You'll be seeing a lot more of this.
    Leonid S. Knyshov
    Network Administrator
  • by Anonymous Coward
    Classified computers are not connected to the net. No classified data was lost. It says that in the article.

    Sensitive data might seem innocuous to the casual observer. A single piece may mean little. But a group of specialists with many sensitive pieces can discern what the classified object is. If you don't believe that, you are fairly ignorant of basic espionage techniques.

    China's stated goal is to eclipse the United States within 50 years. In the recent US spy trials, it was disclosed that China has a plan on the books to launch a nuclear attack on the US within 5 years (before the US missile defense systems begin deployment) China estimates each side would "lose" about 150 million people, or roughly 10% of the Chinese population, a loss they consider acceptable. China is a human rights nightmare, with a communist government that is anti choice and anti market. If you dislike the US Government and the DOJ, wait till you try running a business in China. BTW, Bill Gates has a lot of admiration for China and visits Beijing regularly. Apparently, antichoice/monolithic thinkers enjoy each other's company.

    Russia has a lot of brilliant scientists and programmers. They are also in severe economic trouble, and have a terrible problem with organized crime. It's becoming clear that a lot of the "old guard" remain in power, especially given the recent embezzlings and amazingly efficient population roundups (following the terrorist bombings) I don't doubt someone in the sciences is making a concerted effort to hack the US Military.

    Obviously, something happened on the US bases. A couple months ago, everyone had to rotate their passwords, and the comm people were running all over the bases. An ISP had their contract pulled from at least one base, due to the tightening.

    Finally, *something did happen*. Possibly something bad. For all the comments about "Oh, well, every country does it, big deal", try to remember that the United States is a great protector of freedom, and many of the countries listed in the article have pledged to kill all Americans in the name of religion, or wish to deny people a free market and choice via the use of the communist system.

    The loss of a major technology to a communist or radical religion-based country could mean the difference between slavery and freedom, or death, for generations of people.
  • Sensitive data might seem innocuous to the casual observer. A single piece may mean little. But a group of specialists with many sensitive pieces can discern what the classified object is. If you don't believe that, you are fairly ignorant of basic espionage techniques.

    This is a very good point. My current boss did crypto work for the military before he went into IT. One point that he, and everyone else I have ever talked to have made is what you have said.

    i.e. If some secretary puts in an order for 50,000 Winter gear sets via email that is not considered classified. Any intelligent person could discern that there are probably going to be troops sent to a winter region somewhere. Combine this email with various others. It's all about seeing the patterns in things. I'm sure if you were handed printouts of 50 random military emails you could probably glean some very sensitive information from it.

    moderators: mark up the parent of this thread.
  • After discussing with my boss, he said even the cables for the isolated networks that classified networks are run on are buried deep and encased in some pretty hefty pipes. Just to stop someone from intercepting at that layer.
  • It was that evil russian hacker dude from Goldeneye. That's who it was. Wringing his hands in front of the graphical display of his hack, showing the little bleeping packets from Moscow to the US. Or maybe it was that russian general from Rambo III, in between torturing little children.

    kapitalisticheskie cobachki! Znaem myi vas!!

  • That is what they tell you. Do you believe that? Do you believe the government that you have known to lie to you over and over again? Of course not.
    Who is to say that something is classified or not?
    One man's junk is another man's treasure, sure some things might not be classified (according to the liars) but how dangerous is this information? Could be very dangerous, shipment orders might not be classified, but obtaining a list of these could give you an idea of what they are buying and what they will build from what they are buying, perhaps what they are trying to build is classified? The military needs to pull all of its computers off the internet. They are pathetic. You can still find some sites today exporting / to everyone, (rw).
  • i thought i read somewhere (the AP maybe...) that the only computers they were able to get into were non-classified. maybe i was just seeing things. maybe this started as a rumor and the press turned it into fact...
  • No one is "supposed" to take work out of the secure area, or home, but it does happen. Somebody brings in a laptop and copies files. They connect to the net. They copy files to their desktop and then use that later to connect. That's how the Chinese spy supposedly stole the secrets. It's just too common.
  • Why doesn't Russia just put it's people into
    our research centers like China does?

  • It's a trade off between the need to share
    information with certain people who may not
    be a member of your organisation and the need
    for security.

    Computers work best when they can talk to other computers. Systems can be secured,
    but if they are so bulky, nobody will use them.

    But still, you are right.
    Building secure systems are tricky, and the
    people designing the systems need to know this stuff.
  • From the article:

    intruders had stolen "unclassified but still-sensitive information about essentially defense/technical research matters."

    And maybe they didn't come through the Internet but through an internal network using telephones. (I don't know but I don't think the article says either way.)

    But I agree with those who say that the article is just full of Cyber-hype.
  • by Anonymous Coward
    You aren't allowed to bring a laptop into a secure area.
    Nor are you allowed to bring a floppy disk, or even a radio!
  • > Ahem. How much does it cost to crack systems when
    > private citizens can afford to do it?

    it costs plenty when the gov't has to pay people to do it for them. private citizens don't pay themselves for things they want to do. but who is going to work (for someone else) for free?

    > Anyway, your premise is faulty -- Russia isn't completely bankrupt. It's completely corrupt.

    that ends up being the same thing. do you think corrupt officials have the best interests of their government in mind when they're skimming money? so you think the same bastards ripping off the system are going to turn around and give the money back to pay the salaries of people below them? give me a break. haven't you kept up with any news? most of the russian military hasn't been paid in months.

    also take a look at the most corrupt governments in the world. with the lone exception of china, those same governments tend to be the poorest. (latin america, southeast asia, africa, etc)

    > Russian officials who are busy funneling as much as they can to Swiss banks aren't going to bother paying chem/bio warfare experts what they could be paid in the wealthiest nation on Earth or a major oil producer, especially since Russia has plenty of nukes as a deterrent.

    you're missing the point. russia has lost track of a lot of nukes- soldiers are deserting and in some cases stealing nuke components. the russian govt is falling apart. they don't have time or money for this kind of crap.
  • your post was interesting until this:

    > try to remember that the United States is a great protector of freedom, and many of the countries listed in the article have pledged to kill all Americans in the name of religion, or wish to deny people a free market and choice via the use of the communist system.

    please!! you are very naive!
    i suppose giving a hand to pinochet helped protect people's freedom in chile?

    it's maybe true that north american citizens enjoy more freedom, but the USA is the country that caused the most trouble on earth over the past decades.

    i suppose you believe your government when they say they're going to kosovo to protect the poor people over there, or they're going to kuwait to protect the orphan babies from the bad and evil iraqi? what about viet nam? and the list goes on

    i'm not saying that americans are more evil than anyone else, anyone else would have done this in their place, maybe even worse.

    but do not forget that the normal chinese citizen, or russian citizen, is much more your friend than your government.

    there's an anarchist slogan that says "if democracy really worked, it would have been banned a long time ago"

    oh, before you call me a radical eastern european or whatever, let me say that i live in north america. in quebec. do you know where it is? sadly, a lot of americans think the world stops at their frontier.

    and sorry for my bad english spelling

  • Sometimes personnel are the weak link. People can cause a "bridge" between systems without understanding the implications.

    I remember reading about an event that happened several years ago. You'll have to forgive me - I'm fuzzy on the details (maybe someone else has read the same account and can fill in the gaps). But it went something like this...

    Some guy was tracking down attacks on his systems (University, I think). Among the jump-points of the attacks was a Naval research facility. The guy met with the facility's COMSEC person. After some audit of their networked systems, the COMSEC guy was horrified to find the amount of data that had crossed from their "air firewall" systems to the networked systems. People transferred data of their own accord to make their jobs easier. They also disregarded security.

    Now, this certainly doesn't mean that some Navy public web site is also a secret harbor of highly classified documents. And the press sure doesn't do much to limit this kind of wrong impression. However, one also has to be aware that despite rules and regulations, sensitive data might still be vulnerable.

  • YOU sir have no idea about what you are talking about. The original poster does actually know what he's talking about. You are arguing about the definition of the word classified, when it's pretty obvious what the intent of the first poster was.

    The security people happen to err on the side of EXTREME paranoia when classifying data. What does this mean? It means that they will slap a "confidential" label on anything that could be considered even remotely interesting. And then it's usually not very useful data anyway. If you want something interesting you usually end up dealing with S/SAR or TS material. (needless to say, this makes engineering life a royal PAIN in the arse.)

    Let's talk networks now, shall we?

    Networks that deal with different class levels have to be isolated. In between class levels you can SOMETIMES get away with firewall or crypto type isolation. sometimes. (like you can install a 1 way gate between a lower level and higher level to allow data to be moved from a low level on up). To go from higher to lower level you have this god-awful procedure to follow. very "unfun".

    From unclassified to ANY classification level ye olde NISPOM (gov security manual) says you must have physical media isolation. Period. And they really want you to go a step further and separate the wires by at least 1 meter. Fiber is preferred.

    So, to conclude my rambling so I can go do something useful, if someone stole truly "classified" data from a system that was accessible via the Internet, somebody broke the rules on the DoD side. While that is possible, security folks tend to be really really paranoid and I doubt any data they stole was really classified.

  • I mean they were always on about the Russians coming to get the states in the 80's and oh err it seems like they have started again!!!
  • And depending on who you work for, you can't even take a Furby into a secure area (it's a recording device).
  • On the contrary I would speculate that the offenders here are Messrs Vatis and Bennett, who seem intent on spreading FUD, presumably so that further breaches of citizens' privacy can be passed off in the name of "National Security".
  • > That is what they tell you. Do you believe that? Do you believe the government that you have known to lie to you over and over again?

    Yep. The military complex is really just a big country club of spooks. They spend their time sipping Mai-Tais and lacing the public water supply with paranoia-inducing drugs. The last thing they want to deal with is pesky issues like information security and classifications.

    > Who is to say that something is classified or not?

    The military is actually quite aware of how sensitive information is. And they're quite good at determining a classification level. But stamping a classification on a document isn't all - ensuring the document is handled properly is the problem.

    > One man's junk is another man's treasure. Sure, some things might not be classified (according to the liars), but how dangerous is this information? Could be very dangerous. Shipment orders might not be classified, but obtaining a list of these could give you an idea of what they are buying and what they will build from what they are buying; perhaps what they are trying to build is classified?

    Once again, you might be interested to know that this is hardly an unknown concept to the military. They refer to it as "essential elements of friendly information" (EEFI). When enough elements of unclassified information are gathered, classified information may be revealed.

    Let's look at a common example of EEFI. Say a unit is going to be deployed to SandLand. Those orders are classified. However, observers are able to note changes in work schedules and large movements of equipment. They also know the unit is a rapid deployment unit. Furthermore, it is coming on winter. Yet, military personnel are observed buying a lot of warm-weather gear (shorts, shirts, sandals, sun screen, sunglasses). It's obvious that the unit is preparing to deploy to a hot climate. Scanning CNN reveals that there is some recent unrest in SandLand. It's a safe bet that the unit being observed will be deploying to SandLand.

    Secure information is compromised without the actual involvement of secure documents.

    What does the military do about EEFI? Classifying all and every document within the military would make day to day operations near impossible. Instead, the military attempts to keep aware of the dangers of EEFI and, via that awareness, tries to limit the amount of information made available.

  • This is one of the reasons IPSEC is of paramount importance, IMHO. It doesn't guarantee perfect host authentication, but it's a whole lot better than no authentication at all.

    If you could be sure where a connection came from, and could trust that source, you're a whole lot less likely to be stung than if you're wide open to any attack at all.

    The attack you mentioned, involving Australia, is a case in point. The attacker came through the same ISP, had the same username and same password, but was not actually on the NT machine the legit user used. "Yes, " you might say, "but any key that the NT machine used would also be vulnerable to being copied!" That's true. However, that was a surgical strike. The attacker couldn't possibly have scanned for which (if any) IPSEC system was being used, located the keys, and transferred them to somewhere safe, as well as doing all the other evil things to the NT machine they did, in the timeframe involved.

    Precisely because IPSEC is so rare, it's powerful, because people wouldn't necessarily stop to look for it.

    (Besides, if the NT had IPSEC installed, they could have locked out connections from any unauthenticated host, thus preventing a break-in in the first place.)

    There's no magic pill in security, but there are plenty of options out there, many of which could prevent any but the most determined of attacks. It's sad when the DoD has to cry wolf to upgrade their systems. Doubly so when they're perfectly aware of alternative software which could offer greater security and greater performance at zero cost.

  • That's what I heard too. I understood that these pipes are also filled with gas, resulting in overpressure within the pipe. So, whenever someone opens up one of the pipes, gas escapes, the pressure gets lower and the line is automatically disabled.

    Or so they told me.
  • Of course all this stuff is bullshit, but...

    If at some point in the future we do have a cyberwar with someone, does it mean that all /. readers in the US will get enlisted?! How about CyberViet?

    The word "woman" is no longer politically correct.
  • > companies. Younger people do not join RAS because of very poor working conditions and low wages. It is hard to find anybody younger than 30 there. The monthly salary at RAS is something about US$100 that even in Russia is almost nothing for a computer professional.

    You have a narrow viewpoint, my friend. I'm a current employee of the RAS (the Institute of Astronomy, to be exact). I'm 26. There are at least 6 other employees in my age group here, out of about 50 people for the whole Institute. That's over 10% - not much, but definitely not "hard to find" (granted, we're relatively small and "rich" by RAS standards). Most of us ARE computer professionals; we make a living by taking second jobs in the private sector. Why bother with the RAS job in the first place then? (BTW, your numbers are out of date. The average RAS salary is below $50 nowadays) Well, it seems a lot of people here like science too much to abandon it for the sake of a boring full-time, better-paying job. Why would I want to waste all my time on high-paying software development, when I can spend at least some of it studying extragalactic globular clusters just for the fun of it? Believe me, it works. It's the same situation all over the place here. Take theatre. Actors make the same $50/month. Yet the Moscow theatre scene is quite active. Some crazy Russians, we just like our calling too much. Thank God for that, it's the only reason ANYTHING still happens over here. (That said, I'm probably being a hypocrite, having just accepted a job offer from abroad... But at least the job is still in science.)

    Now, for the original Excite article. What a load of crap... from the Russian Academy of Sciences, a government-supported organization said to interact with Russia's top military labs. Excuse me while I pick myself off the floor. "Government-supported?" Sounds very sinister, right? Heck, it's the bloody Academy of Sciences! That's like the National Science Foundation. Like, man, fundamental sciences! Who'd you expect us to be funded by, the bloody Bolshevichka Textile Factory? You insightful idiots^H^H^H^H^H^Hreporters! Anyway, the "RAS" itself could hardly be considered an "organization" in the conventional sense. It's just a big bunch of independent (as in no money = independence) scientific institutions, plus a governing body that's mostly concerned with distributing the meager funds, and providing employment to an army of useless bureaucrats. Perhaps these paper-pushers are the "suspects" referred to by "a U.S. official"? If the attack did come from within RAS, it's most likely just a random cracker-wannabe practising his stuff. I mean, what else is there to hack? The KGB would be a nice primary target, but they're not on the Internet... The Pentagon, conspicuously and appetizingly, is.

    As for "interaction with top military labs", aside from the fact that this is a bit of an oxymoron (after all, this is the same military that has just trumpeted their novel idea of air strikes against Chechnya. After watching NATO bomb Yugoslavia for months. "Hey, General Ivanov, do you think NATO might have an idea there? One would think they might be trying to avoid casualties, or something?"), there is some truth in that. Even our Institute had a military liaison section at one point in the distant past, supposedly concerned with ground-based observations of satellites. These Very Important Observations usually manifested themselves as empty [cheap] champagne bottles and used prophylactics, found by the janitor in the mornings... Sure, in the Communist days even mainstream science was subjugated to "military necessity". Remember the space station we had before "Mir", "Salyut-7"? The one that quite unexpectedly went down? The reason they lost it was because of the military equipment on board. Whenever the military would operate their stuff, they'd chase all civilian personnel from the Control Center (not enough security clearance!), and install various officers at the consoles. One fine day they decided to enable some not-quite-tested military subsystem just as Salyut-7 was going offline (that is, out of radio visibility, relative to operational ground links). When it came back online half an orbit later, the fuel tanks were empty and it was spinning madly in all directions at once. Apparently, the subsystem in question somehow caused all the correction engines to fire... and fire... and fire... A short time later, the whole contraption was burning up in somebody's backyard in (IIRC) Argentina. And no, I didn't make this up: I used to know one of the Salyut-7 engineers. Anyway, are we expected to believe that this bunch has actually mounted some sort of concerted computer attack?

    As a final ironic twist on the story, do you know that most of RAS's 'net connectivity (at least within Moscow) has been funded by none other than George Soros? The guy whose philanthropic activities were viewed by some of the rabidly-patriotic, anti-American crowd as a "CIA operation to get Russia's choicest scientific secrets on the cheap" (which did not stop them from actively applying for Soros grants, though). So, if we assign the same credibility rating to the Excite piece and the rabid Russophiles (which I believe is completely justified, based on the quality of the reporting), we have the CIA ultimately funding Russian attacks on the DoD... Way better than Le Carre, IMHO...
  • I don't think they broadcast the tortures and executions on Chechen stations, but I do know someone sent video to the Russian government of someone executing and torturing Russians and westerners. They claimed to be the Chechen resistance, I don't see any reason to second guess them. I've seen some of the footage, it's grisly stuff.
    You'd think if they didn't send the video someone would have said something by now. I'm not going to wade off into regional politics that I have a half-baked understanding of, but I think it's sad that wars over ethnic and religious hatred are still occurring as 2000 approaches.
  • As an ex military this reminds me of what is classified and what isn't. I was in the orderly room one day when a clerk asked the Warrant what to do with all the leave request forms. The Warrant told the clerk to file 'em, and the clerk asked where. The Warrant came over and stamped the first one Classified and passed the stamp to the clerk. Henceforth all leave applications were classified as classified at that base. So what is classified anyway?
