funsec mailing list archives
Re: from CNN
From: Larry Seltzer <larry () larryseltzer com>
Date: Wed, 25 Aug 2010 20:19:23 -0400
Wired has a story casting doubt on the foreign intelligence angle. http://www.wired.com/dangerroom/2010/08/insiders-doubt-2008-pentagon-hack- was-foreign-spy-attack/ The guts of the claim is that they know from forensics that Russian hackers had used the code before, but they can't actually source the attack to the Russians. Looked at this way, the Lynn article could just be public lobbying for DoD for "cybersecurity" (yuck, how I hate that word) authority in any coming legislation. Homeland Security is generally being given primary authority for defending civilian networks, but DoD wants a hand in it. LJS -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Richard Golodner Sent: Wednesday, August 25, 2010 7:17 PM To: funsec () linuxbox org Subject: [funsec] from CNN http://www.cnn.com/2010/TECH/innovation/08/25/pentagon.cyberattack/index.h tml?hpt=T1 Deputy Defense Secretary William J. Lynn III, in an article titled "Defending a New Domain" posted on Foreign Affairs magazine's web site, said the "previously classified incident was the most significant breach of U.S. military computers ever." "The flash drive's malicious computer code, placed there by a foreign intelligence agency, uploaded itself onto a network run by the U.S. Central Command," his article said. "That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control." He continued: "It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary." It amazes me that this stuff is allowed to happen at this level, and to not even be detected. Richard _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- from CNN Richard Golodner (Aug 25)
- Re: from CNN Larry Seltzer (Aug 25)
- Re: from CNN Martin Tomasek (Aug 25)