Chinese hackers seek U.S. access

USA TODAY
By Jon Swartz, USA TODAY

SAN FRANCISCO – A cyberattack on a U.S. military computer system has deepened concern about cyberspying and the security of the Internet’s infrastructure.

Chinese hackers were most likely behind an intrusion in November that disabled the Naval War College’s network, forcing it to disconnect from the Internet for several weeks, says Lt. Cmdr. Doug Gabos, a spokesman for the Navy Cyber Defense Operations Command in Norfolk, Va.

Forensic analysis indicates the hackers may have sought information on war games in development at the naval college, he said. The college was vulnerable because it did not have the latest security protections, Gabos said.

The November attack was part of an ongoing campaign by Chinese hackers to penetrate government computers. The attacks often come in the form of “spear phishing,” scams where attackers craft e-mail messages that seem to originate from the recipient’s organization in a ploy to gain unauthorized access to confidential data.

China is also using more traditional hacking methods, such as computer viruses and worms, but in sophisticated ways, says Alan Paller, director of the security research organization SANS Institute.

Hackers are directly breaking into military and government computers, and exploiting the side doors of private networks connected to them, Paller says.

The intrusions spotlight the soft underbelly in U.S. cybersecurity. They also underline the need for the federal government to develop policies that define responsibilities between the public and private sectors to fend off hackers and terrorists, say military officials and cybersecurity experts including Jody Westby, CEO of Global Cyber Risk.

The attacks also underscore flaws in Internet security and the difficulty in tracking bad guys, says Westby, a cybersecurity consultant in Washington. Such “Swiss cheese” holes, she says, not only compromise military and government networks but those of businesses and critical infrastructure.

“The Internet was not designed for security, and there are 243 countries connected to the Internet,” says Westby, who estimates 100 countries are planning infowar capabilities. “What’s more, many countries don’t have cybercrime laws.”

Chinese hackers gained notoriety in the USA after a series of coordinated attacks on American computer systems at NASA and Sandia National Laboratories, dating to 2003, were traced to a team of researchers in Guangdong province. The program, called Titan Rain by the Defense Department, first became public in August 2005. The Defense Department has since retitled the program under a classified name.

The hackers are still active, but Gabos would not say if the intrusion at the Naval War College was linked to previous attacks.

China is aggressively improving its information warfare capabilities, according to a December 2006 Chinese military white paper. Its goal is to be “capable of winning informationized wars” by the mid-21st century.

The motives of Chinese hackers run the gamut from intelligence gathering to technology theft and the infiltration of defense networks for future action, cybersecurity experts say.

The intent of Chinese operatives is unclear, but most agree they are gathering information, says Peter Neumann, a scientist at SRI International, a non-profit research institute.

U.S. cyberwarfare strategy, meanwhile, is disjointed because organizations responsible for cyberoffense, such as the National Security Agency, and defense, such as the Naval Network Warfare Command, are not linked, Gen. James Cartwright, commander of the Strategic Command, said in a speech at the Air Warfare Symposium in Florida in February.

The U.S. must take aggressive measures against foreign hackers and websites that help others attack government systems, Gen. Ronald Keys, commander of Air Combat Command, told reporters in Florida on Feb. 9.

“I think it’s going to take an Internet 9/11, and we’ve had some pretty serious problems on the Internet” for the country to seriously re-examine its approach to cyberwarfare, he said, according to a transcript.