funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: from CNN

From: Larry Seltzer <larry () larryseltzer com>
Date: Wed, 25 Aug 2010 20:19:23 -0400
Wired has a story casting doubt on the foreign intelligence angle.

http://www.wired.com/dangerroom/2010/08/insiders-doubt-2008-pentagon-hack-
was-foreign-spy-attack/

The guts of the claim is that they know from forensics that Russian
hackers had used the code before, but they can't actually source the
attack to the Russians.

Looked at this way, the Lynn article could just be public lobbying for DoD
for "cybersecurity" (yuck, how I hate that word) authority in any coming
legislation. Homeland Security is generally being given primary authority
for defending civilian networks, but DoD wants a hand in it.

LJS

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On
Behalf Of Richard Golodner
Sent: Wednesday, August 25, 2010 7:17 PM
To: funsec () linuxbox org
Subject: [funsec] from CNN

http://www.cnn.com/2010/TECH/innovation/08/25/pentagon.cyberattack/index.h
tml?hpt=T1

Deputy Defense Secretary William J. Lynn III, in an article titled
"Defending a New Domain" posted on Foreign Affairs magazine's web site,
said the "previously classified incident was the most significant breach
of U.S. military computers ever."

"The flash drive's malicious computer code, placed there by a foreign
intelligence agency, uploaded itself onto a network run by the U.S.
Central Command," his article said. "That code spread undetected on both
classified and unclassified systems, establishing what amounted to a
digital beachhead, from which data could be transferred to servers under
foreign control."

He continued: "It was a network administrator's worst fear: a rogue
program operating silently, poised to deliver operational plans into the
hands of an unknown adversary."

        It amazes me that this stuff is allowed to happen at this level,
and to
not even be detected.
        Richard


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: