Wired has a story casting doubt on the foreign intelligence angle. http://www.wired.com/dangerroom/2010/08/insiders-doubt-2008-pentagon-hack- was-foreign-spy-attack/
The guts of the claim is that they know from forensics that Russian hackers had used the code before, but they can't actually source the attack to the Russians. Looked at this way, the Lynn article could just be public lobbying for DoD for "cybersecurity" (yuck, how I hate that word) authority in any coming legislation. Homeland Security is generally being given primary authority for defending civilian networks, but DoD wants a hand in it. LJS -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Richard Golodner Sent: Wednesday, August 25, 2010 7:17 PM To: [email protected] Subject: [funsec] from CNN http://www.cnn.com/2010/TECH/innovation/08/25/pentagon.cyberattack/index.h tml?hpt=T1 Deputy Defense Secretary William J. Lynn III, in an article titled "Defending a New Domain" posted on Foreign Affairs magazine's web site, said the "previously classified incident was the most significant breach of U.S. military computers ever." "The flash drive's malicious computer code, placed there by a foreign intelligence agency, uploaded itself onto a network run by the U.S. Central Command," his article said. "That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control." He continued: "It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary." It amazes me that this stuff is allowed to happen at this level, and to not even be detected. Richard _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
