Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 16 Apr 1998 10:57:18 -0700 (PDT)
From:      Annelise Anderson <andrsn@andrsn.stanford.edu>
To:        freebsd-chat@FreeBSD.ORG
Subject:   NSA's Operation Eligible Receiver 
Message-ID:  <Pine.BSF.3.96.980416105210.26959A-100000@andrsn.stanford.edu>

next in thread | raw e-mail | index | archive | help

I thought this was interesting--I'm inclined to think that all this
publicity is a way to further the government interest in key recovery
and the like, however.  The punch line (last paragraph) is that the
password on many military computers is (drum roll please) "password."

	Annelise
 

    THE WASHINGTON TIMES
     April 16, 1998
     Bill Gertz

     Computer hackers could disable military; System compromised in
     secret exercise

     Senior Pentagon leaders were stunned by a military exercise
     showing how easy it is for hackers to cripple U.S. military and
     civilian computer networks, according to new details of the
     secret exercise.

     Using software obtained easily from hacker sites on the Internet,
     a group of National Security Agency officials could have shut
     down the U.S. electric-power grid within days and rendered
     impotent the command-and-control elements of the U.S. Pacific
     Command, said officials familiar with the war game, known as
     Eligible Receiver.

     "The attack was actually run in a two-week period and the results
     were frightening," said a defense official involved in the game.
     "This attack, run by a set of people using standard Internet
     techniques, would have basically shut down the
     command-and-control capability in the Pacific theater for some
     considerable period of time."

     Pentagon spokesman Kenneth Bacon said, "Eligible Receiver was an
     important and revealing exercise that taught us that we must be
     better organized to deal with potential attacks against our
     computer systems and information infrastructure."

     The secret exercise began last June after months of preparation
     by the NSA computer specialists who, without warning, targeted
     computers used by U.S. military forces in the Pacific and in the
     United States.

     The game was simple: Conduct information warfare attacks, or
     "infowar," on the Pacific Command and ultimately force the United
     States to soften its policies toward the crumbling communist
     regime in Pyongyang. The "hackers" posed as paid surrogates for
     North Korea.

     The NSA "Red Team" of make-believe hackers showed how easy it is
     for foreign nations to wreak electronic havoc using computers,
     modems and software technology widely available on the darker
     regions of the Internet: network-scanning software, intrusion
     tools and password-breaking "log-in scripts."

     According to U.S. officials who took part in the exercise, within
     days the team of 50 to 75 NSA officials had inflicted crippling
     damage.

     They broke into computer networks and gained access to the
     systems that control the electrical power grid for the entire
     country. If they had wanted to, the hackers could have disabled
     the grid, leaving the United States in the dark.

     Groups of NSA hackers based in Hawaii and other parts of the
     United States floated effortlessly through global cyberspace,
     breaking into unclassified military computer networks in Hawaii,
     the headquarters of the U.S. Pacific Command, as well as in
     Washington, Chicago, St. Louis and parts of Colorado.

     "The attacks were not actually run against the infrastructure
     components because we don't want to do things like shut down the
     power grid," said a defense official involved in the exercise.
     "But the referees were shown the attacks and shown the structure
     of the power-grid control, and they agreed, yeah, this attack
     would have shut down the power grid."

     Knocking out the electrical power throughout the United States
     was just a sideline for the NSA cyberwarriors. Their main target
     was the U.S. Pacific Command, which is in charge of the 100,000
     troops that would be called on to deal with wars in Korea or
     China.

     "The most telling thing for the Department of Defense, when all
     was said and done, is that basically for a two-week period the
     command-and-control capability in the Pacific theater would have
     been denied by the 'infowar' attacks, and that was the period of
     the exercise," the official said.

     The attackers also foiled virtually all efforts to trace them.
     FBI agents joined the Pentagon in trying to find the hackers, but
     for the most part they failed. Only one of the several NSA
     groups, a unit based in the United States, was uncovered. The
     rest operated without being located or identified.

     The attackers breached the Pentagon's unclassified global
     computer network using Internet service providers and dial-in
     connections that allowed them to hop around the world.

     "It's a very, very difficult security environment when you go
     through different hosts and different countries and then pop up
     on the doorstep of Keesler Air Force Base [in Mississippi], and
     then go from there into Cincpac," the official said, using the
     acronym for the Commander in Chief, Pacific.

     The targets of the network attacks also made it easy. "They just
     were not security-aware," said the official.

     A second official found that many military computers used the
     word "password" for their confidential access word.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980416105210.26959A-100000>