FC: Rogue U.K. military Usenet cancelbot tries to ban NATO documents

[Declan McCullagh <declan () well com>]

[I almost yearn for the days of cancelmoose and cancelpoodle.]

**********

> Date: Fri, 07 Apr 2000 09:13:52 -0700
> To: declan () well com
> From: "A.Lizard" <alizard () ecis com>
> Subject: rogue UK military Usenet cancelbot
>
> It appears that the UK military is censoring the Internet... I think this 
> needs looking into. The virus story itself has a foul odor to it as well. 
> My comments are bracketed.
> James
>
>
> http://www.currents.net/newstoday/00/04/04/news3.html
> Virus Blows a Hole in NATO's Security
> By Steve Gold, Newsbytes
> April 04, 2000
> The North Atlantic Treaty Organization (NATO) has launched a full-scale 
> investigation into how one of its top-secret documents ended up posted on 
> the Internet.
> The Sunday Telegraph reports that an unknown virus is to blame for the 
> posting of the nine-page document, detailing the alliance's rules of 
> engagement in the southern Yugoslav province of Kosovo, on to the Net.
> Press reports this morning say that NATO moved into full swing over the 
> weekend after the British Ministry of Defence was alerted to the problem 
> late last week.
> The Sunday Telegraph said that the top secret document was spotted by a 
> London publishing house and reported to the relevant authority. BBC news 
> reports today, meanwhile, say that a virus may be to blame.
> NATO's Brussels headquarters said that a press briefing for the media is 
> expected later today. The Sunday Telegraph, meanwhile, quotes Jamie Shea, 
> a senior spokesperson for NATO, as saying that, if the investigation shows 
> that a NATO document has got into the public domain, "it will be a matter 
> of great concern to us."
> He added, "These are sensitive NATO documents. We would like to keep them 
> classified and prevent them being compromised."
> Newsbytes' sources say that the document posted to the Net included NATO's 
> Rules of Engagement for Land Operations, which cover the circumstances 
> under which "appropriate measures, including the use of deadly force," may 
> be used.
> The Sunday Telegraph quotes an unnamed person at the London Publishing 
> company as saying that two people tried to open up a new document on a PC 
> and, instead, the NATO Kosovo document started to scroll up.
> "The next thing I knew, I was in a meeting around lunchtime when a message 
> came from reception saying, `Your guests have arrived.'"
> On returning to work, the member of staff was interviewed by two military 
> intelligence officers in plain clothes, who said words to the effect of, 
> "'This is something we are very worried about,' and started to ask questions."
> Newsbytes' sources suggest that the NATO document was top secret 
> classified material, but the classification was changed to "restricted" 
> over the weekend to prevent further embarrassment.
>
> *************************************************************************
>
> Sources also suggest that the document was posted to a Usenet group, but 
> was quickly deleted by a Ministry of Defence autobot, a software agent 
> that autodeletes questionable Usenet postings from the servers of 
> Usenet-enabled Internet service providers (ISPs) around the world.
>
> *************************************************************************
> [Where does the UK military get off telling American Internet users what 
> they can and can not read?]
>
> Graham Cluley, head of corporate communications with Sophos Anti- Virus, 
> was not surprised by the reports that a virus is to blame for the NATO 
> security breach.
>
>
>
>
> [ ***How did that virus find that file?***
>
> A virus that targets specific information (not an address book in a 
> standard program location, but a specific file within a directory and 
> posts it to the Net?
>
> Posting it to Usenet ONCE THE INFORMATION IS FOUND wouldn't be a problem, 
> but I've got real problems with a virus that can make intelligent 
> decisions about article content. A virus with that article as a payload... 
> why bother? There are quite a few non-UK free Websites... and all it takes 
> to get that "secret" document into the public domain is to contact enough 
> journalists, nobody outside the UK has any reason for concern about the UK 
> authorities.]
>
> Perhaps a programmer instead of a clueless public relations corporate 
> spokesdroid should have been asked for comment. Or somebody from a 
> competitor. You'll know the right person by the laughter after getting the 
> question.
>
>
> He pointed to worm payloads such as the infamous Melissa virus as 
> indicative of how easy it is to trigger an Internet posting without the 
> permission of the host PC operator.
> "These latest security breaches highlight that no one is immune to 
> security scares in any form," he said, adding that, if NATO can be hit by 
> a virus,
>
> I'm sure NATO is hit with viruses on a daily basis.
>
> "then it should serve as a salutary reminder to all of us that we all need 
> to be vigilant against computer crime and ensure the deployment of 
> quality, up-to-date anti-virus and encryption software.
> "In this particular case, NATO has suffered an embarrassment, but viruses 
> like Melissa have already shown us how it is possible for a virus to pass 
> on confidential material to thousands via just a few hops in an e-mail 
> address book," he said.
> "Perhaps more troubling though, is the fact that these viruses appear to 
> be causing much more serious harm than a virus whose payload is a playful 
> cartoon or Dr. Who quote," he added.
> Sophos' Web site is at http://www.sophos.com .
> Reported by Newsbytes.com
> ************************************************************************
> Personal Web site http://www.ecis.com/~alizard
> Disaster prep & y2k computer fixes: http://www.ecis.com/~alizard/y2k.html
> Littleton Killings: http://www.ecis.com/~alizard/littleto.html
> backup address (if ALL else fails) alizard () onebox com
> PGP 6.5.1 key available by request,keyserver,or on my Web site
> For e-mail privacy, download PGP from http://www.pgpi.org
> PGPfone v1.02 and v2.1 available for secure voice conferencing, get
> your own (W9x,NT,Mac) at http://www.pgpi.org/products/nai/pgpfone/
> ************************************************************************


--------------------------------------------------------------------------
POLITECH -- the moderated mailing list of politics and technology
To subscribe, visit http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
--------------------------------------------------------------------------