Pentagon computer network infiltration is latest government breach. Why don't we have more reliable cybersecurity?

GySgt Wayne A. Ekblad — Fri, 07 Aug 2015 13:34:56 -0400

U.S. military officials said Thursday that they suspect Russian hackers infiltrated an unclassified Pentagon e-mail system used by employees of the Joint Chiefs of Staff, the latest in a series of state-sponsored attacks on sensitive U.S. government computer networks.

The electronic intrusion was detected about July 25, officials said. The Pentagon immediately disabled the e-mail system, which is used by about 4,000 military and civilian personnel, in an attempt to contain the damage. The network remains offline, although officials said they hoped to restart it in the coming days.

The Defense Department disclosed the attack shortly after it occurred, but only in recent days have investigators traced it to Russia. Officials said the complexity and advanced nature of the hack strongly suggested that a foreign government was responsible.

“This attack was fairly sophisticated and has the indications . . . of having come from a state actor such as Russia,” said a U.S. official who spoke on the condition of anonymity to discuss details of the investigation.

The cyberattack on the Joint Staff, which coordinates operations among the branches of the armed forces, is similar to one last fall that successfully penetrated unclassified e-mail systems at the White House and the State Department. In that case, U.S. officials said the trail also led to hackers thought to be working for the Russian government.

Even so, officials cautioned that it is difficult to pinpoint the origin or perpetrator of such hacks. “Attribution in this business is near impossible. Rarely are you ever able to say with 100 percent certainty” who was behind a particular incident, the official said.

The incident follows several other, more destructive cyberattacks on U.S. government networks, including devastating breaches of databases maintained by the Office of Personnel Management. U.S. officials believe hackers working for the Chinese government were responsible for those, which exposed sensitive information about more than 22 million people.

Responding to the spate of attacks, officials in Washington have said they were working to bolster the security of computer systems across the federal government. The disclosure of a successful breach of a Pentagon e-mail network, however, is likely to generate new scrutiny from Congress on the reliability of Washington’s cyberdefenses.

Read more at ...

https://www.washingtonpost.com/world/national-security/us-suspects-russia-in-hack-of-pentagon-computer-network/2015/08/06/b80e1644-3c7a-11e5-9c2d-ed991d848c48_story.html?hpid=z15

====================================================

U.S. suspects Russia in hack of Pentagon computer network

An unclassified e-mail system for the Joint Staff has been disabled since July 25 intrusion

Response by SGT Ben Keen made Aug 7 at 2015 1:48 PM

SGT Ben Keen — Fri, 07 Aug 2015 13:48:35 -0400

Nothing is 100% secure. Hackers are working 24/7/365 to find ways around everything we try to throw out at them. Thankfully, the system that was hacked was an unclassified email system.

Response by Capt Seid Waddell made Aug 7 at 2015 1:49 PM

Capt Seid Waddell — Fri, 07 Aug 2015 13:49:03 -0400

I think we have been caught off guard.

Response by SSgt Alex Robinson made Aug 7 at 2015 2:21 PM

SSgt Alex Robinson — Fri, 07 Aug 2015 14:21:17 -0400

Why isn't our security so tight that no one can intrude on our networks. We have the best and brightest and we can't secure the military's networks? We can do better than that!

Response by CPT Pedro Meza made Aug 7 at 2015 2:25 PM

CPT Pedro Meza — Fri, 07 Aug 2015 14:25:59 -0400

The greatest mistake is that we are not hiring hackers, and criminals to fix the holes, with time new hackers discover new methods, so use hackers and criminals they know better then the college graduates.

Response by SSG John Erny made Aug 7 at 2015 2:41 PM

SSG John Erny — Fri, 07 Aug 2015 14:41:44 -0400

*NOTE READ the article written by "The Jester" Below!
Both the Chinese and the Russians have dedicated teams of hackers that do nothing but try to break into both government and contractor networks to spy and steal technology. Ever notice China's new fighter looks a whole lot like an F-35? I really think we need to be reaching out to our own hacker community for help. Look at Kevin Mitnick, he was once a criminal but now is a very successful security consultant. There is a lot of untapped skill that we could very much use.
The Jester has been pointing out this very thing for years which has not been heeded by many other than those who follow these sorts of things. He tweets a lot of what amounts to, "I told you so 2 years ago."
A lot of the training people get is to stop hackers with tools and security devices, it is not enough. What we truly need are hackers to stop hackers, kind of like it takes a sniper to stop a sniper. Probably the best the Army has is MAJ TJ O'connor, he was been published on the subject of network security and hacking. I will Ref. The Jester
http://www.jesterscourt.cc/2012/09/25/digital-asymmetric-warfare-is-it-possible/

Digital Asymmetric Warfare: Is It Possible? « JESTERS COURT – OFFICIAL BLOG

Sophisticated and complex to implement, long-term cyber attacks are often considered the work of intelligence agencies and crime syndicates. However, the oversight and bureaucracy that comes from such management often hinders the ultimate lethality of the attack.

Response by LTC Bink Romanick made Aug 7 at 2015 5:16 PM

LTC Bink Romanick — Fri, 07 Aug 2015 17:16:40 -0400

Just heard...Joint Staff emails..not good

Response by SSgt Alex Robinson made Aug 7 at 2015 5:17 PM

SSgt Alex Robinson — Fri, 07 Aug 2015 17:17:35 -0400

We can and must do better in protecting all digital information. There is no excuse this happened again

Response by CW3 Private RallyPoint Member made Aug 7 at 2015 5:39 PM

CW3 Private RallyPoint Member — Fri, 07 Aug 2015 17:39:11 -0400

This seems to be a trend as one government system after another gets hacked. There is a well defined need to put a stop to this type of warfare or at least try to shield the nation. The war or "1s" and "0s" is going to be a huge part of the future.

Response by SrA Daniel Hunter made Aug 7 at 2015 8:27 PM

SrA Daniel Hunter — Fri, 07 Aug 2015 20:27:45 -0400

Hopefully they saw something that scared the hell out of them.

Response by CPT Private RallyPoint Member made Aug 7 at 2015 8:59 PM

CPT Private RallyPoint Member — Fri, 07 Aug 2015 20:59:43 -0400

Snowdon probably gave the Russian"s the IP address, which means NSA is on top of this...by the way...I have a bridge in Brooklyn for sell, hehehe!

Response by Sgt Ken Prescott made Aug 7 at 2015 9:16 PM

Sgt Ken Prescott — Fri, 07 Aug 2015 21:16:21 -0400

Our IT people must have "KICK ME" signs taped to their backs.

Response by Sgt Ken Prescott made Aug 7 at 2015 9:17 PM

Sgt Ken Prescott — Fri, 07 Aug 2015 21:17:13 -0400

Our IT people must have "KICK ME" signs taped to their backs.

Response by PO1 William "Chip" Nagel made Aug 8 at 2015 1:35 AM

PO1 William "Chip" Nagel — Sat, 08 Aug 2015 01:35:59 -0400

"The Song Remains the Same". 21 years in Electronic and Information Warfare and some things never change. Technology gets better but that just offers up different challenges.

Response by PO1 John Miller made Aug 8 at 2015 2:43 AM

PO1 John Miller — Sat, 08 Aug 2015 02:43:14 -0400

This is why penetration testing is so important!
Yeah it's expensive and time consuming, but the return is very much worth it in my opinion.

Response by PO1 John Miller made Aug 8 at 2015 2:56 AM

PO1 John Miller — Sat, 08 Aug 2015 02:56:32 -0400

The solution for these hacks is so simple. It's called penetration testing.

Basically that's where you have an "ethical hacker" hack your network so that you know all the vulnerabilities and how to fix them.

Response by LTC Stephen F. made Aug 8 at 2015 10:26 AM

LTC Stephen F. — Sat, 08 Aug 2015 10:26:56 -0400

As long the cyber-security breaks are limited to NIPR and below nets, I am not very concerned GySgt Wayne A. Ekblad. I wouldn't be too surprised if long after we are all dead, the truth about these "cyber breaches," red teams, deliberate leaks, who and what is behind the varied "attacks" is released to a bored public :-)
I really wonder how many of the announced leaks are really breaches versus some type of red team system test. If I really knew the answer I couldn't discuss it :-)
I am sure my friend CW5 Private RallyPoint Member also would have no comment :-)

Response by LTC Bink Romanick made Aug 8 at 2015 10:46 AM

LTC Bink Romanick — Sat, 08 Aug 2015 10:46:56 -0400

Russia is flexing its muscles in different ways, this is just a way that they can let us know that they are there.

One way that we can prevent "spear fishing" is to emphasize the basic, "Don't click on links that come from folks that you don't know" Simple common sense.

Beefing up computer security is a must. I am such a novice, I couldn't begin to suggest a method.

Response by Capt Richard I P. made Aug 8 at 2015 10:56 AM

Capt Richard I P. — Sat, 08 Aug 2015 10:56:00 -0400

Bureaucracy is rarely tied to innovation.

Response by SGT Jeremiah B. made Aug 8 at 2015 12:24 PM

SGT Jeremiah B. — Sat, 08 Aug 2015 12:24:16 -0400

This will continue to happen forever. If you're connected to the internet, you're vulnerable. Period. Give enough pros enough time to bang away at your network and even with the best, most amazing security, someone is going to get in.

Response by COL Vincent Stoneking made Aug 8 at 2015 1:17 PM

COL Vincent Stoneking — Sat, 08 Aug 2015 13:17:36 -0400

As a former computer geek, because hacking isn't terribly hard and network security is. The hacker only has to get it right once. The defender has to get it right every single time.

If a hacker has a 1% success rate, he his a successful hacker. If a cyberdefender has a 99% success rate, he sucks and the hacker wins.

Additionally, there are so many vectors to attack, that it is really difficult to think of the defense as one holistic thing - though it needs to be. You have all 7 layers of the IT stack to deal with as well as the human element, as well as physical security of devices and authentication mechanisms (CAC Cards, RSA dongles, etc.).

Response by Maj Kevin "Mac" McLaughlin made Sep 22 at 2015 1:39 PM

Maj Kevin "Mac" McLaughlin — Tue, 22 Sep 2015 13:39:29 -0400

Speaking as a Cyber Professional on this forum I can give you a brief reason what the problem is and respond to some of the posts throughout this thread. Put simply, the reason for our security lapses are due to poor security training to the entire workforce (i.e. DoD), the fact security has up until recently been considered an afterthought, and in some cases people we put our trust into who in turn betray our trust.

The DoD has been conducting penetration testing for many years (over 20 I can confirm) and no this is not the only answer. Snowden, for example, was an insider and an administrator which gave him the access and the knowledge to do what he did. No amount of penetration testing/red teaming would have prevented him from taking the information he currently has. Additionally, we unfortunately have idiots working around us who, despite having taken the training, can't seem to avoid getting phished, socially engineered, or plugging in infected devices into our networks.

The answer; continue penetration testing (because it absolutely is necessary and it does help), continue training, and enforce smart policies which prevent information leaks. But most of all, start hammering those who fail to adhere to or enforce policies. Once we reduce the "white noise" out there, our cyber experts can in turn focus on the truly significant events and deny the more advanced cyber attacks from being successful.

Response by MSgt Danny Hope made Sep 22 at 2015 2:51 PM

MSgt Danny Hope — Tue, 22 Sep 2015 14:51:13 -0400

The Chinese have been stealing tech from us FOR DECADES! We have only recently understood the danger, and unfortunately seem to be in a constant state of "catch-up". It doesn't help that the Feds don't really want to do what is necessary to get on top of the problem and own the domain as the new "high ground".

Response by SSG Buddy Kemper made Sep 22 at 2015 11:30 PM

SSG Buddy Kemper — Tue, 22 Sep 2015 23:30:41 -0400

Can I sue somebody? Hhahahahaahhaha!!!! Love ya'll!! Happy hump-day (CONUS/EST!!!)

Response by SN Private RallyPoint Member made Sep 25 at 2015 2:32 PM

SN Private RallyPoint Member — Fri, 25 Sep 2015 14:32:31 -0400

Well, for one- they think that using outdated software will keep us from getting hacked. The idea might have worked a few years ago, but today we need a new strategy as the world gets better at using computers.

Response by Sgt Wayne Wood made Aug 24 at 2017 8:17 PM

Sgt Wayne Wood — Thu, 24 Aug 2017 20:17:41 -0400

Lowest bidder...

Response by SFC Randy Hellenbrand made Jan 5 at 2022 12:28 PM

SFC Randy Hellenbrand — Wed, 05 Jan 2022 12:28:34 -0500

4 YEARS OF TRUMP IS THE ANSWER.