GySgt Wayne A. Ekblad872542<div class="images-v2-count-1"><div class="content-picture image-v2-number-1" id="image-54910"> <div class="social_icons social-buttons-on-image">
<a href='https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.rallypoint.com%2Fanswers%2Fpentagon-computer-network-infiltration-is-latest-government-breach-why-don-t-we-have-more-reliable-cybersecurity%3Futm_source%3DFacebook%26utm_medium%3Dorganic%26utm_campaign%3DShare%20to%20facebook'
target="_blank" class='social-share-button facebook-share-button'><i class="fa fa-facebook-f"></i></a>
<a href="https://twitter.com/intent/tweet?text=Pentagon+computer+network+infiltration+is+latest+government+breach.++Why+don%27t+we+have+more+reliable+cybersecurity%3F&url=https%3A%2F%2Fwww.rallypoint.com%2Fanswers%2Fpentagon-computer-network-infiltration-is-latest-government-breach-why-don-t-we-have-more-reliable-cybersecurity&via=RallyPoint"
target="_blank" class="social-share-button twitter-custom-share-button"><i class="fa fa-twitter"></i></a>
<a href="mailto:?subject=Check this out on RallyPoint!&body=Hi, I thought you would find this interesting:%0D%0APentagon computer network infiltration is latest government breach. Why don't we have more reliable cybersecurity?%0D%0A %0D%0AHere is the link: https://www.rallypoint.com/answers/pentagon-computer-network-infiltration-is-latest-government-breach-why-don-t-we-have-more-reliable-cybersecurity"
target="_blank" class="social-share-button email-share-button"><i class="fa fa-envelope"></i></a>
</div>
<a class="fancybox" rel="b73075c648db8cc51fc7ae5ab7bde3d1" href="https://d1ndsj6b8hkqu9.cloudfront.net/pictures/images/000/054/910/for_gallery_v2/566fbee3.wdp"><img src="https://d1ndsj6b8hkqu9.cloudfront.net/pictures/images/000/054/910/large_v3/566fbee3.wdp" alt="566fbee3" /></a></div></div>U.S. military officials said Thursday that they suspect Russian hackers infiltrated an unclassified Pentagon e-mail system used by employees of the Joint Chiefs of Staff, the latest in a series of state-sponsored attacks on sensitive U.S. government computer networks.<br /><br />The electronic intrusion was detected about July 25, officials said. The Pentagon immediately disabled the e-mail system, which is used by about 4,000 military and civilian personnel, in an attempt to contain the damage. The network remains offline, although officials said they hoped to restart it in the coming days.<br /><br />The Defense Department disclosed the attack shortly after it occurred, but only in recent days have investigators traced it to Russia. Officials said the complexity and advanced nature of the hack strongly suggested that a foreign government was responsible.<br /><br />“This attack was fairly sophisticated and has the indications . . . of having come from a state actor such as Russia,” said a U.S. official who spoke on the condition of anonymity to discuss details of the investigation. <br /><br />The cyberattack on the Joint Staff, which coordinates operations among the branches of the armed forces, is similar to one last fall that successfully penetrated unclassified e-mail systems at the White House and the State Department. In that case, U.S. officials said the trail also led to hackers thought to be working for the Russian government. <br /><br />Even so, officials cautioned that it is difficult to pinpoint the origin or perpetrator of such hacks. “Attribution in this business is near impossible. Rarely are you ever able to say with 100 percent certainty” who was behind a particular incident, the official said.<br /><br />The incident follows several other, more destructive cyberattacks on U.S. government networks, including devastating breaches of databases maintained by the Office of Personnel Management. U.S. officials believe hackers working for the Chinese government were responsible for those, which exposed sensitive information about more than 22 million people.<br /><br />Responding to the spate of attacks, officials in Washington have said they were working to bolster the security of computer systems across the federal government. The disclosure of a successful breach of a Pentagon e-mail network, however, is likely to generate new scrutiny from Congress on the reliability of Washington’s cyberdefenses.<br /><br />Read more at ...<br /><br /><a target="_blank" href="https://www.washingtonpost.com/world/national-security/us-suspects-russia-in-hack-of-pentagon-computer-network/2015/08/06/b80e1644-3c7a-11e5-9c2d-ed991d848c48_story.html?hpid=z15">https://www.washingtonpost.com/world/national-security/us-suspects-russia-in-hack-of-pentagon-computer-network/2015/08/06/b80e1644-3c7a-11e5-9c2d-ed991d848c48_story.html?hpid=z15</a><br /><br />==================================================== <div class="pta-link-card answers-template-image type-default">
<div class="pta-link-card-picture">
<img src="https://d26horl2n8pviu.cloudfront.net/link_data_pictures/images/000/019/514/qrc/Joint_Chiefs_Chairman-02ec1-1497.jpg?1443050722">
</div>
<div class="pta-link-card-content">
<p class="pta-link-card-title">
<a target="blank" href="https://www.washingtonpost.com/world/national-security/us-suspects-russia-in-hack-of-pentagon-computer-network/2015/08/06/b80e1644-3c7a-11e5-9c2d-ed991d848c48_story.html?hpid=z15">U.S. suspects Russia in hack of Pentagon computer network</a>
</p>
<p class="pta-link-card-description">An unclassified e-mail system for the Joint Staff has been disabled since July 25 intrusion</p>
</div>
<div class="clearfix"></div>
</div>
Pentagon computer network infiltration is latest government breach. Why don't we have more reliable cybersecurity?2015-08-07T13:34:56-04:00GySgt Wayne A. Ekblad872542<div class="images-v2-count-1"><div class="content-picture image-v2-number-1" id="image-54910"> <div class="social_icons social-buttons-on-image">
<a href='https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.rallypoint.com%2Fanswers%2Fpentagon-computer-network-infiltration-is-latest-government-breach-why-don-t-we-have-more-reliable-cybersecurity%3Futm_source%3DFacebook%26utm_medium%3Dorganic%26utm_campaign%3DShare%20to%20facebook'
target="_blank" class='social-share-button facebook-share-button'><i class="fa fa-facebook-f"></i></a>
<a href="https://twitter.com/intent/tweet?text=Pentagon+computer+network+infiltration+is+latest+government+breach.++Why+don%27t+we+have+more+reliable+cybersecurity%3F&url=https%3A%2F%2Fwww.rallypoint.com%2Fanswers%2Fpentagon-computer-network-infiltration-is-latest-government-breach-why-don-t-we-have-more-reliable-cybersecurity&via=RallyPoint"
target="_blank" class="social-share-button twitter-custom-share-button"><i class="fa fa-twitter"></i></a>
<a href="mailto:?subject=Check this out on RallyPoint!&body=Hi, I thought you would find this interesting:%0D%0APentagon computer network infiltration is latest government breach. Why don't we have more reliable cybersecurity?%0D%0A %0D%0AHere is the link: https://www.rallypoint.com/answers/pentagon-computer-network-infiltration-is-latest-government-breach-why-don-t-we-have-more-reliable-cybersecurity"
target="_blank" class="social-share-button email-share-button"><i class="fa fa-envelope"></i></a>
</div>
<a class="fancybox" rel="3edf0f47460756830a8b2682fbfe7ad0" href="https://d1ndsj6b8hkqu9.cloudfront.net/pictures/images/000/054/910/for_gallery_v2/566fbee3.wdp"><img src="https://d1ndsj6b8hkqu9.cloudfront.net/pictures/images/000/054/910/large_v3/566fbee3.wdp" alt="566fbee3" /></a></div></div>U.S. military officials said Thursday that they suspect Russian hackers infiltrated an unclassified Pentagon e-mail system used by employees of the Joint Chiefs of Staff, the latest in a series of state-sponsored attacks on sensitive U.S. government computer networks.<br /><br />The electronic intrusion was detected about July 25, officials said. The Pentagon immediately disabled the e-mail system, which is used by about 4,000 military and civilian personnel, in an attempt to contain the damage. The network remains offline, although officials said they hoped to restart it in the coming days.<br /><br />The Defense Department disclosed the attack shortly after it occurred, but only in recent days have investigators traced it to Russia. Officials said the complexity and advanced nature of the hack strongly suggested that a foreign government was responsible.<br /><br />“This attack was fairly sophisticated and has the indications . . . of having come from a state actor such as Russia,” said a U.S. official who spoke on the condition of anonymity to discuss details of the investigation. <br /><br />The cyberattack on the Joint Staff, which coordinates operations among the branches of the armed forces, is similar to one last fall that successfully penetrated unclassified e-mail systems at the White House and the State Department. In that case, U.S. officials said the trail also led to hackers thought to be working for the Russian government. <br /><br />Even so, officials cautioned that it is difficult to pinpoint the origin or perpetrator of such hacks. “Attribution in this business is near impossible. Rarely are you ever able to say with 100 percent certainty” who was behind a particular incident, the official said.<br /><br />The incident follows several other, more destructive cyberattacks on U.S. government networks, including devastating breaches of databases maintained by the Office of Personnel Management. U.S. officials believe hackers working for the Chinese government were responsible for those, which exposed sensitive information about more than 22 million people.<br /><br />Responding to the spate of attacks, officials in Washington have said they were working to bolster the security of computer systems across the federal government. The disclosure of a successful breach of a Pentagon e-mail network, however, is likely to generate new scrutiny from Congress on the reliability of Washington’s cyberdefenses.<br /><br />Read more at ...<br /><br /><a target="_blank" href="https://www.washingtonpost.com/world/national-security/us-suspects-russia-in-hack-of-pentagon-computer-network/2015/08/06/b80e1644-3c7a-11e5-9c2d-ed991d848c48_story.html?hpid=z15">https://www.washingtonpost.com/world/national-security/us-suspects-russia-in-hack-of-pentagon-computer-network/2015/08/06/b80e1644-3c7a-11e5-9c2d-ed991d848c48_story.html?hpid=z15</a><br /><br />==================================================== <div class="pta-link-card answers-template-image type-default">
<div class="pta-link-card-picture">
<img src="https://d26horl2n8pviu.cloudfront.net/link_data_pictures/images/000/019/514/qrc/Joint_Chiefs_Chairman-02ec1-1497.jpg?1443050722">
</div>
<div class="pta-link-card-content">
<p class="pta-link-card-title">
<a target="blank" href="https://www.washingtonpost.com/world/national-security/us-suspects-russia-in-hack-of-pentagon-computer-network/2015/08/06/b80e1644-3c7a-11e5-9c2d-ed991d848c48_story.html?hpid=z15">U.S. suspects Russia in hack of Pentagon computer network</a>
</p>
<p class="pta-link-card-description">An unclassified e-mail system for the Joint Staff has been disabled since July 25 intrusion</p>
</div>
<div class="clearfix"></div>
</div>
Pentagon computer network infiltration is latest government breach. Why don't we have more reliable cybersecurity?2015-08-07T13:34:56-04:002015-08-07T13:34:56-04:00SGT Ben Keen872584<div class="images-v2-count-0"></div>Nothing is 100% secure. Hackers are working 24/7/365 to find ways around everything we try to throw out at them. Thankfully, the system that was hacked was an unclassified email system.Response by SGT Ben Keen made Aug 7 at 2015 1:48 PM2015-08-07T13:48:35-04:002015-08-07T13:48:35-04:00Capt Seid Waddell872586<div class="images-v2-count-0"></div>I think we have been caught off guard.Response by Capt Seid Waddell made Aug 7 at 2015 1:49 PM2015-08-07T13:49:03-04:002015-08-07T13:49:03-04:00SSgt Alex Robinson872696<div class="images-v2-count-0"></div>Why isn't our security so tight that no one can intrude on our networks. We have the best and brightest and we can't secure the military's networks? We can do better than that!Response by SSgt Alex Robinson made Aug 7 at 2015 2:21 PM2015-08-07T14:21:17-04:002015-08-07T14:21:17-04:00CPT Pedro Meza872716<div class="images-v2-count-0"></div>The greatest mistake is that we are not hiring hackers, and criminals to fix the holes, with time new hackers discover new methods, so use hackers and criminals they know better then the college graduates.Response by CPT Pedro Meza made Aug 7 at 2015 2:25 PM2015-08-07T14:25:59-04:002015-08-07T14:25:59-04:00SSG John Erny872768<div class="images-v2-count-0"></div>*NOTE READ the article written by "The Jester" Below! <br />Both the Chinese and the Russians have dedicated teams of hackers that do nothing but try to break into both government and contractor networks to spy and steal technology. Ever notice China's new fighter looks a whole lot like an F-35? I really think we need to be reaching out to our own hacker community for help. Look at Kevin Mitnick, he was once a criminal but now is a very successful security consultant. There is a lot of untapped skill that we could very much use. <br />The Jester has been pointing out this very thing for years which has not been heeded by many other than those who follow these sorts of things. He tweets a lot of what amounts to, "I told you so 2 years ago." <br />A lot of the training people get is to stop hackers with tools and security devices, it is not enough. What we truly need are hackers to stop hackers, kind of like it takes a sniper to stop a sniper. Probably the best the Army has is MAJ TJ O'connor, he was been published on the subject of network security and hacking. I will Ref. The Jester<br /><a target="_blank" href="http://www.jesterscourt.cc/2012/09/25/digital-asymmetric-warfare-is-it-possible/">http://www.jesterscourt.cc/2012/09/25/digital-asymmetric-warfare-is-it-possible/</a> <div class="pta-link-card answers-template-image type-default">
<div class="pta-link-card-picture">
<img src="https://d26horl2n8pviu.cloudfront.net/link_data_pictures/images/000/019/519/qrc/SOFREP-300x250-v1a1.jpg?1443050730">
</div>
<div class="pta-link-card-content">
<p class="pta-link-card-title">
<a target="blank" href="http://www.jesterscourt.cc/2012/09/25/digital-asymmetric-warfare-is-it-possible/">Digital Asymmetric Warfare: Is It Possible? « JESTERS COURT – OFFICIAL BLOG</a>
</p>
<p class="pta-link-card-description">Sophisticated and complex to implement, long-term cyber attacks are often considered the work of intelligence agencies and crime syndicates. However, the oversight and bureaucracy that comes from such management often hinders the ultimate lethality of the attack.</p>
</div>
<div class="clearfix"></div>
</div>
Response by SSG John Erny made Aug 7 at 2015 2:41 PM2015-08-07T14:41:44-04:002015-08-07T14:41:44-04:00LTC Bink Romanick873136<div class="images-v2-count-0"></div>Just heard...Joint Staff emails..not goodResponse by LTC Bink Romanick made Aug 7 at 2015 5:16 PM2015-08-07T17:16:40-04:002015-08-07T17:16:40-04:00SSgt Alex Robinson873140<div class="images-v2-count-0"></div>We can and must do better in protecting all digital information. There is no excuse this happened againResponse by SSgt Alex Robinson made Aug 7 at 2015 5:17 PM2015-08-07T17:17:35-04:002015-08-07T17:17:35-04:00CW3 Private RallyPoint Member873175<div class="images-v2-count-0"></div>This seems to be a trend as one government system after another gets hacked. There is a well defined need to put a stop to this type of warfare or at least try to shield the nation. The war or "1s" and "0s" is going to be a huge part of the future.Response by CW3 Private RallyPoint Member made Aug 7 at 2015 5:39 PM2015-08-07T17:39:11-04:002015-08-07T17:39:11-04:00SrA Daniel Hunter873468<div class="images-v2-count-0"></div>Hopefully they saw something that scared the hell out of them.Response by SrA Daniel Hunter made Aug 7 at 2015 8:27 PM2015-08-07T20:27:45-04:002015-08-07T20:27:45-04:00CPT Private RallyPoint Member873531<div class="images-v2-count-0"></div>Snowdon probably gave the Russian"s the IP address, which means NSA is on top of this...by the way...I have a bridge in Brooklyn for sell, hehehe!Response by CPT Private RallyPoint Member made Aug 7 at 2015 8:59 PM2015-08-07T20:59:43-04:002015-08-07T20:59:43-04:00Sgt Ken Prescott873569<div class="images-v2-count-0"></div>Our IT people must have "KICK ME" signs taped to their backs.Response by Sgt Ken Prescott made Aug 7 at 2015 9:16 PM2015-08-07T21:16:21-04:002015-08-07T21:16:21-04:00Sgt Ken Prescott873570<div class="images-v2-count-0"></div>Our IT people must have "KICK ME" signs taped to their backs.Response by Sgt Ken Prescott made Aug 7 at 2015 9:17 PM2015-08-07T21:17:13-04:002015-08-07T21:17:13-04:00PO1 William "Chip" Nagel873936<div class="images-v2-count-0"></div>"The Song Remains the Same". 21 years in Electronic and Information Warfare and some things never change. Technology gets better but that just offers up different challenges.Response by PO1 William "Chip" Nagel made Aug 8 at 2015 1:35 AM2015-08-08T01:35:59-04:002015-08-08T01:35:59-04:00PO1 John Miller874029<div class="images-v2-count-0"></div><br />This is why penetration testing is so important!<br />Yeah it's expensive and time consuming, but the return is very much worth it in my opinion.Response by PO1 John Miller made Aug 8 at 2015 2:43 AM2015-08-08T02:43:14-04:002015-08-08T02:43:14-04:00PO1 John Miller874044<div class="images-v2-count-0"></div><br />The solution for these hacks is so simple. It's called penetration testing. <br /><br />Basically that's where you have an "ethical hacker" hack your network so that you know all the vulnerabilities and how to fix them.Response by PO1 John Miller made Aug 8 at 2015 2:56 AM2015-08-08T02:56:32-04:002015-08-08T02:56:32-04:00LTC Stephen F.874428<div class="images-v2-count-0"></div>As long the cyber-security breaks are limited to NIPR and below nets, I am not very concerned <a class="dark-link bold-link" role="profile-hover" data-qtip-container="body" data-id="452047" data-source-page-controller="question_response_contents" href="/profiles/452047-gysgt-wayne-a-ekblad">GySgt Wayne A. Ekblad</a>. I wouldn't be too surprised if long after we are all dead, the truth about these "cyber breaches," red teams, deliberate leaks, who and what is behind the varied "attacks" is released to a bored public :-)<br />I really wonder how many of the announced leaks are really breaches versus some type of red team system test. If I really knew the answer I couldn't discuss it :-)<br />I am sure my friend <a class="dark-link bold-link" role="profile-hover" data-qtip-container="body" data-id="347395" data-source-page-controller="question_response_contents" href="/profiles/347395-351l-counterintelligence-technician">CW5 Private RallyPoint Member</a> also would have no comment :-)Response by LTC Stephen F. made Aug 8 at 2015 10:26 AM2015-08-08T10:26:56-04:002015-08-08T10:26:56-04:00LTC Bink Romanick874473<div class="images-v2-count-0"></div>Russia is flexing its muscles in different ways, this is just a way that they can let us know that they are there.<br /><br />One way that we can prevent "spear fishing" is to emphasize the basic, "Don't click on links that come from folks that you don't know" Simple common sense.<br /><br />Beefing up computer security is a must. I am such a novice, I couldn't begin to suggest a method.Response by LTC Bink Romanick made Aug 8 at 2015 10:46 AM2015-08-08T10:46:56-04:002015-08-08T10:46:56-04:00Capt Richard I P.874480<div class="images-v2-count-0"></div>Bureaucracy is rarely tied to innovation.Response by Capt Richard I P. made Aug 8 at 2015 10:56 AM2015-08-08T10:56:00-04:002015-08-08T10:56:00-04:00SGT Jeremiah B.874618<div class="images-v2-count-0"></div>This will continue to happen forever. If you're connected to the internet, you're vulnerable. Period. Give enough pros enough time to bang away at your network and even with the best, most amazing security, someone is going to get in.Response by SGT Jeremiah B. made Aug 8 at 2015 12:24 PM2015-08-08T12:24:16-04:002015-08-08T12:24:16-04:00COL Vincent Stoneking874681<div class="images-v2-count-0"></div>As a former computer geek, because hacking isn't terribly hard and network security is. The hacker only has to get it right once. The defender has to get it right every single time. <br /><br />If a hacker has a 1% success rate, he his a successful hacker. If a cyberdefender has a 99% success rate, he sucks and the hacker wins. <br /><br />Additionally, there are so many vectors to attack, that it is really difficult to think of the defense as one holistic thing - though it needs to be. You have all 7 layers of the IT stack to deal with as well as the human element, as well as physical security of devices and authentication mechanisms (CAC Cards, RSA dongles, etc.).Response by COL Vincent Stoneking made Aug 8 at 2015 1:17 PM2015-08-08T13:17:36-04:002015-08-08T13:17:36-04:00Maj Kevin "Mac" McLaughlin984655<div class="images-v2-count-0"></div>Speaking as a Cyber Professional on this forum I can give you a brief reason what the problem is and respond to some of the posts throughout this thread. Put simply, the reason for our security lapses are due to poor security training to the entire workforce (i.e. DoD), the fact security has up until recently been considered an afterthought, and in some cases people we put our trust into who in turn betray our trust.<br /><br />The DoD has been conducting penetration testing for many years (over 20 I can confirm) and no this is not the only answer. Snowden, for example, was an insider and an administrator which gave him the access and the knowledge to do what he did. No amount of penetration testing/red teaming would have prevented him from taking the information he currently has. Additionally, we unfortunately have idiots working around us who, despite having taken the training, can't seem to avoid getting phished, socially engineered, or plugging in infected devices into our networks. <br /><br />The answer; continue penetration testing (because it absolutely is necessary and it does help), continue training, and enforce smart policies which prevent information leaks. But most of all, start hammering those who fail to adhere to or enforce policies. Once we reduce the "white noise" out there, our cyber experts can in turn focus on the truly significant events and deny the more advanced cyber attacks from being successful.Response by Maj Kevin "Mac" McLaughlin made Sep 22 at 2015 1:39 PM2015-09-22T13:39:29-04:002015-09-22T13:39:29-04:00MSgt Danny Hope984939<div class="images-v2-count-0"></div>The Chinese have been stealing tech from us FOR DECADES! We have only recently understood the danger, and unfortunately seem to be in a constant state of "catch-up". It doesn't help that the Feds don't really want to do what is necessary to get on top of the problem and own the domain as the new "high ground".Response by MSgt Danny Hope made Sep 22 at 2015 2:51 PM2015-09-22T14:51:13-04:002015-09-22T14:51:13-04:00SSG Buddy Kemper986223<div class="images-v2-count-0"></div>Can I sue somebody? Hhahahahaahhaha!!!! Love ya'll!! Happy hump-day (CONUS/EST!!!)Response by SSG Buddy Kemper made Sep 22 at 2015 11:30 PM2015-09-22T23:30:41-04:002015-09-22T23:30:41-04:00SN Private RallyPoint Member993783<div class="images-v2-count-0"></div>Well, for one- they think that using outdated software will keep us from getting hacked. The idea might have worked a few years ago, but today we need a new strategy as the world gets better at using computers.Response by SN Private RallyPoint Member made Sep 25 at 2015 2:32 PM2015-09-25T14:32:31-04:002015-09-25T14:32:31-04:00Sgt Wayne Wood2864461<div class="images-v2-count-0"></div>Lowest bidder...Response by Sgt Wayne Wood made Aug 24 at 2017 8:17 PM2017-08-24T20:17:41-04:002017-08-24T20:17:41-04:00SFC Randy Hellenbrand7459127<div class="images-v2-count-0"></div>4 YEARS OF TRUMP IS THE ANSWER.Response by SFC Randy Hellenbrand made Jan 5 at 2022 12:28 PM2022-01-05T12:28:34-05:002022-01-05T12:28:34-05:002015-08-07T13:34:56-04:00