Suche innerhalb des Archivs / Search the Archive All words Any words

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[infowar.de] China prevented repeat cyber attack on US



Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------

UPI-Meldungen sind bei diesem Thema immer etwas mit Vorsicht zu
genießen.
RB

http://www.upi.com/view.cfm?StoryID=20021029-121924-5101r

China prevented repeat cyber attack on US 

By Pamela Hess UPI Pentagon Correspondent From the International Desk
Published 10/29/2002 12:40 PM

NASHVILLE, Oct. 29 (UPI) -- The Defense Department was braced for a new
onslaught of cyber attacks from Chinese hackers in May 2002 but they
never materialized: the Chinese government asked private hackers not to
repeat the 2001 defacement of U.S. government Web sites, a top Defense
Department official said Tuesday.

"We expected another series of attacks from Chinese hackers, but
actually the government of China asked them not to do that," said Air
Force Maj. Gen. John Bradley, deputy commander of the Pentagon's Joint
Task Force on Computer Network Operations, at an electronic warfare
conference Tuesday.

"I wouldn't call it state-sponsored, but state-controlled, I guess," he
said at the Annual Association of Old Crows conference being held in
Nashville.

The original hacking war took place in April and May 2001. It coinciding
with the second anniversary of the U.S. bombing of the Chinese Embassy
in Belgrade, and marked the collision of a U.S. surveillance plane and a
Chinese fighter. The Chinese pilot was killed in the collision. The U.S.
plane and its crew were held on Hainan Island for 11 days.

The hackers attacked a handful of government sites last year,
emblazoning the Web pages with a Chinese flag. No serious damage was
reported but Web sites were disabled for a period of time. The concern
was serious enough that the FBI's National Infrastructure Protection
Center put out an official warning.

Denial of service attacks on Web sites and networks, primarily through
viruses, is one of the most vexing problems faced by the Defense
Department. It uses the publicly available Internet to manage its
deployment, logistics, medical and personnel system.

"We couldn't wage war without using the Internet," Bradley said.

However, 85 percent of the successful infiltrations and attacks on these
unclassified military computer networks are preventable with available
patches and proper security procedures but system administrators do not
use them. Every time a new computer is unpacked and plugged in to the
Pentagon's network without patches installed -- an apparently frequent
occurrence -- the entire network is exposed to that one computer's
vulnerabilities.

"We are our own worst enemy," said Bradley. "The Defense Department is
more vulnerable than anyone in the world."

Through September 2002 there have been 32,465 attempts on the network by
hackers, about 110 a day. Bradley did not say how many were successful.
But of those that were "99 percent would have been very easily
prevented."

Roughly 200 new viruses are spawned each month, each of which requires a
unique patch or firewall.

More than a third of the successful attempts by hackers exploit
vulnerabilities already directed to be fixed by Bradley's organization.
Actually doing the work falls to low-level system administrators.

This is nothing new. The infamous Solar Sunrise attack of 1998 which
compromised information on thousands of Defense Department computers at
a time when the Pentagon was preparing for a possible strike in Iraq
exploited a vulnerability discovered and warned about by the Pentagon
two months before the attack took place.

Another third of the successful attempts are attributed to poor security
practices -- like using "password" as a password.

"These are just stupid mistakes that are easily avoided," Bradley said.

Nevertheless, computer network security has dramatically improved since
the Solar Sunrise wake up call. There is now 24-hour-a-day monitoring of
computer networks to detect illicit activity and automated intrusion
detection devices in place.

"By and large I'd call it highly successful," Bradley said. "We've not
been shut down very often or damaged too badly."

The Joint Task Force for Computer Network Operations is responsible not
just for the daunting work of securing the vast network but also for the
still evolving and highly classified area of computer network attack.

At its simplest, computer network attack would be government sanctioned
hacking -- an attempt to deny an enemy use of is own computer networks
in wartime, to change critical information, or to trick him into
thinking they were working when they are not.

"The attacks could be extremely precise. We have a wide range of
capabilities but there are very, very tight controls on this," Bradley
said.

Only the president of the defense secretary can authorize a computer
network attack, according to the policies now being crafted. 

The potential for network attacks as a "precision weapon" is high but
has not yet seen the light of day. There is not even a network attack
cadre set up yet, according to Air Force Deputy Director for Information
Warfare Col. Chris "Bulldog" Glaze.

Progress toward that end is moving quickly, however.

"I've got to tell you we spend more time on the computer network attack
business than we do on computer network defense because so many people
at very high levels are interested in developing the policy for it,"
Bradley said.

The Pentagon is moving cautiously, aware of the potential for collateral
damage to the world's computer networks and economy.

"Any kind of attack we will have to know a great amount of detail about
the systems being used," he said. "It's a very challenging new mission
area for a us ... Many are very wary because its so new.

"We haven't see what the consequences are, what the collateral damage
is. These are precision munitions of the non-kinetic kind," Bradley
said.

---------------------------------------------------------------
Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.