More than 20 years ago, the United States realized that having an advantage in “intangible factors” — more information, better communications, greater precision — was as important as having more tanks or airplanes. Some call it a “force multiplier.” Cyber capabilities are a force multiplier. Having an “informational advantage” makes U.S. forces more effective. The people who plan to fight us are looking for ways to undo that advantage. Cyberattack is one.
These are not hypothetical capabilities. Other nations’ intelligence services frequently penetrate our networks. So far, they have been more interested in stealing than disruption. But in December 2008, unknown foreign intruders were able to break into Central Command’s classified networks and sit there.
Variations: A November 2009 version sighted on the CBS News magazine 60 Minutes moves the date of the putative cyber attack to November 2008, and expands on the identity and capabilities of the supposed intruders. “The malicious code opened a backdoor for a foreign power to get into the system … They could see what the traffic was, they could read documents, they could interfere with things.”
Origins: Tales of “cyberwar” and “cyberterrorist” threats against the U.S. and other countries first circulated almost two decades ago. After briefly subsiding following the terrorist attacks of September 11, 2001, the stories resurfaced, reaching a fever pitch in the Fall of 2009. The stories appear to be most frequently circulated by government contractors and credulous mainstream media.
The specific claim that a foreign government was lurking on the classified networks at U.S. Central Command, the military command for America’s Middle East engagements, appears to have originated with James Lewis at the Center for Strategic and International Studies, a Washington D.C. think-tank.
As with similar stories about computer intruders causing large-scale power outages in the United States and Brazil, the CENTCOM story has its roots in a real incident. In May 2008, an unremarkable computer worm called agent.btz was seen spreading in the wild. Like previous viruses, the worm used Microsoft Windows’ “autorun” capability to spread through removable media, such as floppy disks and USB drives, and to infect computers that encounter it on a shared network drive.
In late 2008, agent.btz began infecting U.S. military machines, and that November, it was carried into CENTCOM’s classified network on a USB thumb drive, prompting the Pentagon to ban such media outright. That’s where the popular story appears to diverge from reality. While agent.btz did, indeed, open backdoors on the computers it infected, such backdoors require connectivity to be of any use to intruders. Classified computer networks are not connected to the internet; therefore, intruders would have no way of exploiting the backdoor, or, indeed, of even knowing that agent.btz had found its way into the CENTCOM network.
Agent.btz was not the first malware to stumble into a classified network, and security experts have published no evidence that it was crafted for that purpose, or that it was created by a foreign government. And while the hackers’ code was on CENTCOM’s network, that doesn’t mean the hackers themselves were present. Claiming the virus allowed foreign intruders to “sit there” on a classified network is like complaining that Jehovah’s Witnesses are sitting in your living room because they slipped a copy of The Watchtower in your mail slot.
Follow-up: Asked about the claim, CSIS’ James Lewis acknowledged that classified computers are not allowed on the internet, but nonetheless stood by his assertion that virus authors were able to “sit there” and access classified data. He said this characterization of the malware infection came from a government source, whom he declined to name. A Pentagon spokesman did not return a phone call.
SOURCE: www.wired.com