Date: Thu, 16 Apr 1998 10:57:18 -0700 (PDT) From: Annelise Anderson <andrsn@andrsn.stanford.edu> To: freebsd-chat@FreeBSD.ORG Subject: NSA's Operation Eligible Receiver Message-ID: <Pine.BSF.3.96.980416105210.26959A-100000@andrsn.stanford.edu>
next in thread | raw e-mail | index | archive | help
I thought this was interesting--I'm inclined to think that all this
publicity is a way to further the government interest in key recovery
and the like, however. The punch line (last paragraph) is that the
password on many military computers is (drum roll please) "password."
Annelise
THE WASHINGTON TIMES
April 16, 1998
Bill Gertz
Computer hackers could disable military; System compromised in
secret exercise
Senior Pentagon leaders were stunned by a military exercise
showing how easy it is for hackers to cripple U.S. military and
civilian computer networks, according to new details of the
secret exercise.
Using software obtained easily from hacker sites on the Internet,
a group of National Security Agency officials could have shut
down the U.S. electric-power grid within days and rendered
impotent the command-and-control elements of the U.S. Pacific
Command, said officials familiar with the war game, known as
Eligible Receiver.
"The attack was actually run in a two-week period and the results
were frightening," said a defense official involved in the game.
"This attack, run by a set of people using standard Internet
techniques, would have basically shut down the
command-and-control capability in the Pacific theater for some
considerable period of time."
Pentagon spokesman Kenneth Bacon said, "Eligible Receiver was an
important and revealing exercise that taught us that we must be
better organized to deal with potential attacks against our
computer systems and information infrastructure."
The secret exercise began last June after months of preparation
by the NSA computer specialists who, without warning, targeted
computers used by U.S. military forces in the Pacific and in the
United States.
The game was simple: Conduct information warfare attacks, or
"infowar," on the Pacific Command and ultimately force the United
States to soften its policies toward the crumbling communist
regime in Pyongyang. The "hackers" posed as paid surrogates for
North Korea.
The NSA "Red Team" of make-believe hackers showed how easy it is
for foreign nations to wreak electronic havoc using computers,
modems and software technology widely available on the darker
regions of the Internet: network-scanning software, intrusion
tools and password-breaking "log-in scripts."
According to U.S. officials who took part in the exercise, within
days the team of 50 to 75 NSA officials had inflicted crippling
damage.
They broke into computer networks and gained access to the
systems that control the electrical power grid for the entire
country. If they had wanted to, the hackers could have disabled
the grid, leaving the United States in the dark.
Groups of NSA hackers based in Hawaii and other parts of the
United States floated effortlessly through global cyberspace,
breaking into unclassified military computer networks in Hawaii,
the headquarters of the U.S. Pacific Command, as well as in
Washington, Chicago, St. Louis and parts of Colorado.
"The attacks were not actually run against the infrastructure
components because we don't want to do things like shut down the
power grid," said a defense official involved in the exercise.
"But the referees were shown the attacks and shown the structure
of the power-grid control, and they agreed, yeah, this attack
would have shut down the power grid."
Knocking out the electrical power throughout the United States
was just a sideline for the NSA cyberwarriors. Their main target
was the U.S. Pacific Command, which is in charge of the 100,000
troops that would be called on to deal with wars in Korea or
China.
"The most telling thing for the Department of Defense, when all
was said and done, is that basically for a two-week period the
command-and-control capability in the Pacific theater would have
been denied by the 'infowar' attacks, and that was the period of
the exercise," the official said.
The attackers also foiled virtually all efforts to trace them.
FBI agents joined the Pentagon in trying to find the hackers, but
for the most part they failed. Only one of the several NSA
groups, a unit based in the United States, was uncovered. The
rest operated without being located or identified.
The attackers breached the Pentagon's unclassified global
computer network using Internet service providers and dial-in
connections that allowed them to hop around the world.
"It's a very, very difficult security environment when you go
through different hosts and different countries and then pop up
on the doorstep of Keesler Air Force Base [in Mississippi], and
then go from there into Cincpac," the official said, using the
acronym for the Commander in Chief, Pacific.
The targets of the network attacks also made it easy. "They just
were not security-aware," said the official.
A second official found that many military computers used the
word "password" for their confidential access word.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980416105210.26959A-100000>