Russia suspected in cyber attacks on Centcom

LA Times:

Senior military leaders took the exceptional step of briefing President Bush this week on a severe and widespread electronic attack on Defense Department computers that may have originated in Russia -- an incursion that posed unusual concern among commanders and raised potential implications for national security.

Defense officials would not describe the extent of damage inflicted on military networks. But they said that the attack struck hard at networks within U.S. Central Command, the headquarters that oversees U.S. involvement in Iraq and Afghanistan, and affected computers in combat zones. The attack also penetrated at least one highly protected classified network.

Military computers are regularly beset by outside hackers, computer viruses and worms. But defense officials said the most recent attack involved an intrusive piece of malicious software, or "malware," apparently designed specifically to target military networks.

"This one was significant; this one got our attention," said one defense official, speaking on condition of anonymity when discussing internal assessments.

Although officials are withholding many details, the attack underscores the increasing danger and potential significance of computer warfare, which defense experts say could one day be used by combatants to undermine even a militarily superior adversary.

Bush was briefed on the threat by Navy Adm. Michael G. Mullen, chairman of the Joint Chiefs of Staff. Mullen also briefed Defense Secretary Robert M. Gates.

Military electronics experts have not pinpointed the source or motive of the attack and could not say whether the destructive program was created by an individual hacker or whether the Russian government may have had some involvement. Defense experts may never be able to answer such questions, officials said.

The defense official said the military also had not learned whether the software's designers may have been specifically targeting computers used by troops in Afghanistan and Iraq.

...

An electronic attack from Russia shut down government computers in Estonia in 2007. And officials believe that a series of electronic attacks were launched against Georgia at the same time that hostilities erupted between Moscow and Tbilisi last summer. Russia has denied official involvement in the Georgia attacks.

The first indication that the Pentagon was dealing with a computer problem came last week, when officials banned the use of external computer flash drives. At the time, officials did not indicate the extent of the attack or the fact that it may have targeted defense systems or posed national security concerns.

The invasive software, known as agent.btz, has circulated among nongovernmental U.S. computers for months. But only recently has it affected the Pentagon's networks. It is not clear whether the version responsible for the cyber-intrusion of classified networks is the same as the one affecting other computer systems.

The malware is able to spread to any flash drive plugged into an infected computer. The risk of spreading the malware to other networks prompted the military to ban the drives.

Defense officials acknowledged that the worldwide ban on external drives was a drastic move. Flash drives are used constantly in Iraq and Afghanistan, and many officers keep them loaded with crucial information on lanyards around their necks.

...
The Russians have been active in cyber attacks as have the Chinese. It would be interesting to know the source of the flash drives that were infected. I am curious whether they could have been infected during the manufacturing process. It is also likely that they become typhoid Marys spreading the virus from one computer to the next.

It is still surprising to me that the geeks have not come up with a silver bullet to defeat these type of attacks. There are a lot of smart people out in the geek world and there should be a handsome reward for the ones who can produce something to destroy the cyber attackers. We need the equivalent of the HARM anti radar missile that homes on on the source and destroys it.

Comments

Popular posts from this blog

Should Republicans go ahead and add Supreme Court Justices to head off Democrats

29 % of companies say they are unlikely to keep insurance after Obamacare