Cyber-attack on Defense Department computers raises concerns

[David Farber <dave () farber net>]

Begin forwarded message:

From: Martin Burack <marty () burack nu>
Date: November 29, 2008 10:55:54 AM EST
To: dave () farber net
Subject: Cyber-attack on Defense Department computers raises concerns

http://www.latimes.com/news/nationworld/nation/la-na-cyberattack28-2008nov28,0,6441140.story
From the Los Angeles Times
Cyber-attack on Defense Department computers raises concerns

By Julian E. Barnes
November 28, 2008

Reporting from Washington  Senior military leaders took the  
exceptional step of briefing President Bush this week on a severe and  
widespread electronic attack on Defense Department computers that may  
have originated in Russia -- an incursion that posed unusual concern  
among commanders and raised potential implications for national  
security.

Defense officials would not describe the extent of damage inflicted on  
military networks. But they said that the attack struck hard at  
networks within U.S. Central Command, the headquarters that oversees  
U.S. involvement in Iraq and Afghanistan, and affected computers in  
combat zones. The attack also penetrated at least one highly protected  
classified network.

---snip---

Military electronics experts have not pinpointed the source or motive  
of the attack and could not say whether the destructive program was  
created by an individual hacker or whether the Russian government may  
have had some involvement. Defense experts may never be able to answer  
such questions, officials said.

The defense official said the military also had not learned whether  
the software's designers may have been specifically targeting  
computers used by troops in Afghanistan and Iraq.

---snip---
An electronic attack from Russia shut down government computers in  
Estonia in 2007. And officials believe that a series of electronic  
attacks were launched against Georgia at the same time that  
hostilities erupted between Moscow and Tbilisi last summer. Russia has  
denied official involvement in the Georgia attacks.

The first indication that the Pentagon was dealing with a computer  
problem came last week, when officials banned the use of external  
computer flash drives. At the time, officials did not indicate the  
extent of the attack or the fact that it may have targeted defense  
systems or posed national security concerns.

The invasive software, known as agent.btz, has circulated among  
nongovernmental U.S. computers for months. But only recently has it  
affected the Pentagon's networks. It is not clear whether the version  
responsible for the cyber-intrusion of classified networks is the same  
as the one affecting other computer systems.

The malware is able to spread to any flash drive plugged into an  
infected computer. The risk of spreading the malware to other networks  
prompted the military to ban the drives.

Defense officials acknowledged that the worldwide ban on external  
drives was a drastic move. Flash drives are used constantly in Iraq  
and Afghanistan, and many officers keep them loaded with crucial  
information on lanyards around their necks.

Banning their use made sharing information in the war theaters more  
difficult and reflected the severity of the intrusion and the threat  
from agent.btz, a second official said.

Officials would not describe the exact threat from agent.btz, or say  
whether it could shut down computers or steal information. Some  
computer experts have reported that agent.btz can allow an attacker to  
take control of a computer remotely and to take files and other  
information from it.

---snip---
The offending program has been cleansed from a number of military  
networks. But officials said they did not believe they had removed  
every bit of infection from all Defense Department computers.

---snip---
julian.barnes () latimes com

Copyright 2008 Los Angeles Times




-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com