[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
nyt: Report Warns of Security Threats Posed by Computer Hackers
Copyright 1996 The New York Times Company
May 23, 1996
Report Warns of Security Threats Posed by Computer
Hackers
By PHILIP SHENON
[W] ASHINGTON -- Government investigators warned
Wednesday that computer hackers cruising the
Internet posed a serious and growing threat to national
security, with the Pentagon suffering as many as 250,000
"attacks" on its computers last year.
The investigators, from the General Accounting Office,
offered scenarios in which terrorists or enemy
governments might break into Defense Department computer
networks and shut them down, cutting off communications
between military commanders in the middle of a war.
"There will become an increasingly attractive way for
terrorists or adversaries to wage attacks," the
investigators said in a report prepared for two
congressional committees. "The potential for
catastrophic damage is great."
The Pentagon did not dispute the findings of the study,
although Defense Department officials said they knew of
no instance in which hackers had obtained secret
information or gained access to computer networks that
control the firing of weapons. "We are certainly well
aware that people are breaking in or trying to hack into
our systems," said Susan Hansen, a department
spokeswoman.
While the Pentagon is developing encryption devices that
show promise in defeating computer hackers, the
accounting office, which is the investigative arm of
Congress, warned that none of the proposed technical
solutions was foolproof, and that the military's current
security program was "dated, inconsistent and
incomplete."
The explosion in the use of the Internet and the
increasing power and sophistication of small desktop
computers has compounded the Pentagon's problems,
creating a worldwide army of hackers able to break into
all but the most secure computer networks.
The report cited Defense Department estimates that the
number of unauthorized efforts to enter its computer
systems -- "attacks," in the parlance of cyberspace --
was doubling every year and may have reached 250,000 in
1995, most of them made through the Internet.
Pentagon figures suggest that in about 65 percent of
those efforts, hackers were able to gain entry to a
computer network.
The investigators provided details on several recent
attacks on the Pentagon's computers, including a 1994
incident in which two computer hackers were able to gain
"complete access to all of the information" on the
computer systems of the Rome Air Development Center, the
Air Force laboratory in Rome, N.Y., where the Defense
Department carries out some of its most important
research on weapons systems.
The report said the hackers rummaged through the
computer networks for several days and stole information
on the methods used by Air Force commanders to relay
secret intelligence and targeting information during
wartime.
Working through the Internet and a variety of phone
switches in South America, the hackers also used the
laboratory's computers as a "launching platform to
attack other military, government, commercial and
academic systems worldwide," including the
Wright-Patterson Air Force Base in Ohio and the Goddard
Space Flight Center in Greenbelt, Md., the report said.
One of the hackers, a Briton whose code name was
"Datastream Cowboy," was later arrested in England. The
authorities say they do not know the nationality of the
other hacker, whose code name is "Kuji" and who was
never apprehended.
"There may have been some national security risks
associated with the Rome incident," the report said.
"Air Force officials told us that at least one of the
hackers may have been working for a foreign country
interested in obtaining military research data or
information on areas in which the Air Force was
conducting advanced research." The foreign country was
not identified in the report.
In separate incidents between April 1990 and May 1991,
the report said, hackers from the Netherlands broke into
computer networks at 34 Defense Department sites and
browsed the electronic-mail systems of several
department officials, calling up all messages that
contained the key words "nuclear," "weapons" or
"missile."
The accounting office investigator who oversaw the
report, Jack L. Brock Jr., said in testimony Wednesday
before the Senate Permanent Subcommittee on
Investigations that more than 120 nations are reported
to be developing "information warfare techniques" that
could "allow our enemies to seize control of public
networks which Defense relies upon for communications."
"Countries today do not have to be military superpowers
with large standing armies, fleets of battleships or
squadrons of fighters to gain a competitive edge," he
said. "Instead, all they really need to steal sensitive
data or shut down military computers is a $2,000
computer and modem and a connection to the Internet."
The investigators said the Pentagon had made itself
vulnerable to attack by making itself so dependent on
computers and the Internet, a system that its own
researchers created in the 1970s.
"Defense's computer systems are particularly susceptible
to attack through connections on the Internet, which
Defense uses to enhance communication and information
sharing," the report said, noting that an estimated 40
million people worldwide are Internet users. "In turning
to the Internet, Defense has increased its own exposure
to attacks."
The Pentagon uses the Internet to distribute electronic
mail and other information. During the war in the
Persian Gulf, the Defense Department used the Internet
to communicate with allied armies and gather and
distribute intelligence information.
_______________________
Regards, When we ask advice, we are usually looking for
an accomplice. -Marquis de la Grange
Joseph Reagle http://farnsworth.mit.edu/~reagle/home.html
[email protected] E0 D5 B2 05 B6 12 DA 65 BE 4D E3 C1 6A 66 25 4E