Posted on Aug 7, 2015
GySgt Wayne A. Ekblad
U.S. military officials said Thursday that they suspect Russian hackers infiltrated an unclassified Pentagon e-mail system used by employees of the Joint Chiefs of Staff, the latest in a series of state-sponsored attacks on sensitive U.S. government computer networks.

The electronic intrusion was detected about July 25, officials said. The Pentagon immediately disabled the e-mail system, which is used by about 4,000 military and civilian personnel, in an attempt to contain the damage. The network remains offline, although officials said they hoped to restart it in the coming days.

The Defense Department disclosed the attack shortly after it occurred, but only in recent days have investigators traced it to Russia. Officials said the complexity and advanced nature of the hack strongly suggested that a foreign government was responsible.

“This attack was fairly sophisticated and has the indications . . . of having come from a state actor such as Russia,” said a U.S. official who spoke on the condition of anonymity to discuss details of the investigation.

The cyberattack on the Joint Staff, which coordinates operations among the branches of the armed forces, is similar to one last fall that successfully penetrated unclassified e-mail systems at the White House and the State Department. In that case, U.S. officials said the trail also led to hackers thought to be working for the Russian government.

Even so, officials cautioned that it is difficult to pinpoint the origin or perpetrator of such hacks. “Attribution in this business is near impossible. Rarely are you ever able to say with 100 percent certainty” who was behind a particular incident, the official said.

The incident follows several other, more destructive cyberattacks on U.S. government networks, including devastating breaches of databases maintained by the Office of Personnel Management. U.S. officials believe hackers working for the Chinese government were responsible for those, which exposed sensitive information about more than 22 million people.

Responding to the spate of attacks, officials in Washington have said they were working to bolster the security of computer systems across the federal government. The disclosure of a successful breach of a Pentagon e-mail network, however, is likely to generate new scrutiny from Congress on the reliability of Washington’s cyberdefenses.

Read more at ...

https://www.washingtonpost.com/world/national-security/us-suspects-russia-in-hack-of-pentagon-computer-network/2015/08/06/b80e1644-3c7a-11e5-9c2d-ed991d848c48_story.html?hpid=z15

====================================================
Edited >1 y ago
Responses: 26
COL Vincent Stoneking
As a former computer geek, because hacking isn't terribly hard and network security is. The hacker only has to get it right once. The defender has to get it right every single time.

If a hacker has a 1% success rate, he is a successful hacker. If a cyberdefender has a 99% success rate, he sucks and the hacker wins.

Additionally, there are so many vectors to attack, that it is really difficult to think of the defense as one holistic thing - though it needs to be. You have all 7 layers of the IT stack to deal with as well as the human element, as well as physical security of devices and authentication mechanisms (CAC Cards, RSA dongles, etc.).
LTC Stephen F.
As long as the cyber-security breaks are limited to NIPR and below nets, I am not very concerned GySgt Wayne A. Ekblad. I wouldn't be too surprised if long after we are all dead, the truth about these "cyber breaches," red teams, deliberate leaks, who and what is behind the varied "attacks" is released to a bored public :-)
I really wonder how many of the announced leaks are really breaches versus some type of red team system test. If I really knew the answer I couldn't discuss it :-)
I am sure my friend CW5 (Join to see) also would have no comment :-)
CW5 Desk Officer
CW5 (Join to see)
>1 y
No comment, sir. :-) except to say that the adversary can get valuable information from NIPRNet as well. Not classified, but potentially sensitive. That's what OPSEC is all about.

I hope we're doing better in the cyber realm than what we hear in the news.
LTC Stephen F.
>1 y
CW5 (Join to see) I certainly concur with your hope that "we" are "doing better in the cyber realm than what we hear in the news."
I was trained long ago not to reveal anything in the NIPR net that would be embarrassing to see in a news report on the nightly news [that dates me] :-)
Maj Kevin "Mac" McLaughlin
>1 y
There are too many things which have to be done on the unclassified realm, which can lead to ways to hurt this nation. The OPM breach for example, was all about personnel records. There are many other more significant areas which can be targeted as well. Otherwise, we wouldn't be investing as much as we do to protect the NIPRNET. Also, none of the "announced leaks" are going to be attributed to a sanctioned red team. The fact we conduct red teams is not classified information, nor would we allow one to be attributed to a real world breach.
CPT Manager
Snowden probably gave the Russians the IP address, which means NSA is on top of this...by the way...I have a bridge in Brooklyn for sale, hehehe!
PO1 William "Chip" Nagel
>1 y
Snowden a Modern Day Christopher Boyce.
LTC Bink Romanick
>1 y
CPT (Join to see) I'd shoot Snowden myself. He's no hero; he's simply a traitor.