-Caveat Lector-
from:
http://www.jya.com/dod-cyberwar.htm
<A HREF="http://www.jya.com/dod-cyberwar.htm">DoD to Congress: 'We're In A
Cyberwar'</A>
-----
1 March 1999. Thanks to Anonymous.
------------------------------------------------------------------------
Defense Week, March 1, 1999. Pg. 1
Hamre To Hill: 'We're In A Cyberwar'
By John Donnelly and Vince Crawley
Military computer systems are under siege by a "coordinated, organized"
attack from an unknown source, the focus of an "intense" federal
criminal investigation, U.S. officials told House lawmakers in a
classified briefing last week. Details of the cyberassault were sketchy
at press time. But Rep. Curt Weldon (R-Pa.), in an interview with
Defense Week, described the situation in broad, unclassified terms.
A year ago, Deputy Secretary of Defense John Hamre said it's not a
matter of if the U.S. suffers an "electronic Pearl Harbor," but when.
Last Tuesday, Hamre spent most of the hour-and-15-minute closed session
before two House Armed Services Committee panels outlining a single
major incident. Weldon quoted Hamre as saying: "'We are at war-right
now. We are in a cyberwar.'"
"These are organized, very capable efforts that have very specific goals
based upon what we've seen in attacking our systems," Weldon said in the
interview.
Weldon's comments indicate the latest attack is in a different class
from the approximately 400 probes made each week against military
computer networks, about 60 of which are considered "attacks," meaning
they suggest a malicious intent.
"This is not the kind of random hacker hits that occur on a regular
daily basis on the systems of all the services," Weldon said. "But they
are in fact organized attacks. And on one of them they went into some
detail with us, and I can't give you the detail of that one .... It's
got its own name, the government is in the middle of an intense
investigation, but it is a coordinated, organized effort. And it's
serious ...
"It is of the highest priority that we solve this problem and protect
those information systems, because we don't know in fact who's causing
these attacks, whether they are nation-states, rogue groups or
individual hackers, as we've seen in the past. We just don't know. And
there's a combined effort by the Justice Department, the FBI and DOD in
these cases to work together," he said.
'Something going on'
Pentagon spokeswoman Susan Hansen said the department could add nothing
to the public record of the open, unclassified House hearing which
followed the closed session. In the open hearing, though, Pentagon
officials said little about the current wave of cyberattacks. News of
the computer warfare comes on the heels of a statement by Pentagon
Inspector General Eleanor Hill, who last week told another House panel
military program managers aren't taking the threat as seriously as are
senior officials. Moreover, the Y2K crisis may be diverting attention
from information assurance, Hill also warned.
As for the current onslaught, a Pentagon computer-security official,
knowledgeable though not directly involved in this investigation, said
on condition of anonymity that common traits have surfaced among recent
attacks on Pentagon systems. This fact led authorities to speculate the
attacks might have a common source.
"There's something going on .... There is a pattern of attacks," the
official said. "Part of the problem is tracking down and finding what is
the real source." The official said the need to get court orders
sometimes slows down the process of finding the intruders.
'Trusted insider'
The Pentagon has long acknowledged that its computer networks
continuously are probed for weaknesses, primarily over the public
Internet which, ironically, the military itself helped develop in the
1960s and 1970s. In his statement for the panel last week, Hamre warned
about the enemy within.
"We are increasingly concerned about those who have legitimate access to
our networks -- the trusted insider," Hamre said.
The Pentagon, he added, is now requiring people "with access to Top
Secret or specially controlled access category or compartment [to] make
an oral attestation that they will conform to the conditions and
responsibilities imposed by that access."
Growing problem
A year ago, Hamre told lawmakers about Solar Sunrise, a series of
attacks in February 1998 that targeted DOD network Domain Name Servers,
exploiting a known vulnerability in an operating system called Solaris.
"The attacks were widespread, systematic and showed a pattern that
indicated they might be the preparation for a coordinated attack on the
Defense Information Structure," said Hamre of Solar Sunrise in his
unclassified written testimony Tuesday. "The attacks targeted key parts
of Defense Networks at a time we were preparing for possible military
operations against Iraq."
The Solar Sunrise incident led to the establishment of 24-hour,
7-days-a-week online guard duty at important military computer sites.
This increased vigilance has led, in turn, to increased reports of
cyberattacks, officials say.
"Since Solar Sunrise, we've deployed a massive amount of intrusion
detectors across the network," Arthur Money, senior civilian official
for the Office of the Assistant Secretary of Defense (Command, Control,
Communications and Intelligence) told the panel.
"We've trained people, put a lot of energy into that," Money said.
"Consequently, we know more now which we didn't know before."
An after-action review of Solar Sunrise found "75 percent of that attack
could [have been] blunted with well-trained system administrators,"
Money said. Last week, Money outlined a $100 million project which, over
the next year, would "totally secure our connections to the Internet."
Holes in the defense
In addition to these actions, last December the Pentagon activated a
Joint Task Force for Computer Network Defense to coordinate the defense
of military and other sensitive national networks. "The crown jewels of
the information age are the stuff that's in our networks, and we are
relentlessly pursued by hackers," Lt. Gen. William Donahue, director of
headquarters communications and information for the Air Force, testified
Tuesday.
Meanwhile, the Pentagon IG had her own story to tell.
"Audits continue to show lax security measures and inadequate focus by
program managers on the threat, despite clear awareness at senior levels
of the need for a very high priority of information assurance," Hill
told the House Government Reform Subcommittee on National Security,
Veterans Affairs and International Relations.
"It is likely that Y2K conversion is temporarily distracting both
resources and management attention from security concerns," she added.
-----
Aloha, He'Ping,
Om, Shalom, Salaam.
Em Hotep, Peace Be,
Omnia Bona Bonis,
All My Relations.
Adieu, Adios, Aloha.
Amen.
Roads End
Kris
DECLARATION & DISCLAIMER
==========
CTRL is a discussion and informational exchange list. Proselyzting propagandic
screeds are not allowed. Substance�not soapboxing! These are sordid matters
and 'conspiracy theory', with its many half-truths, misdirections and outright
frauds is used politically by different groups with major and minor effects
spread throughout the spectrum of time and thought. That being said, CTRL
gives no endorsement to the validity of posts, and always suggests to readers;
be wary of what you read. CTRL gives no credeence to Holocaust denial and
nazi's need not apply.
Let us please be civil and as always, Caveat Lector.
========================================================================
Archives Available at:
http://home.ease.lsoft.com/archives/CTRL.html
http:[EMAIL PROTECTED]/
========================================================================
To subscribe to Conspiracy Theory Research List[CTRL] send email:
SUBSCRIBE CTRL [to:] [EMAIL PROTECTED]
To UNsubscribe to Conspiracy Theory Research List[CTRL] send email:
SIGNOFF CTRL [to:] [EMAIL PROTECTED]
Om
