Cyber

Not as cool as it sounds:

Computer spies have broken into the Pentagon’s $300 billion Joint Strike Fighter project — the Defense Department’s costliest weapons program ever — according to current and former government officials familiar with the attacks.

Similar incidents have also breached the Air Force’s air-traffic-control system in recent months, these people say. In the case of the fighter-jet program, the intruders were able to copy and siphon off several terabytes of data related to design and electronics systems, officials say, potentially making it easier to defend against the craft.

The latest intrusions provide new evidence that a battle is heating up between the U.S. and potential adversaries over the data networks that tie the world together. The revelations follow a recent Wall Street Journal report that computers used to control the U.S. electrical-distribution system, as well as other infrastructure, have also been infiltrated by spies abroad.

Great.

15 comments to Cyber

  • Sam

    You would think since we have the expertise to build these, we could at least secure our networks.

    Great.

  • G-man

    We protect Aunt Millie’s MRI records better than we protect classified data on the part of contractors. We need to insert a clause into any future contracts: “breach of your network is grounds for immediate termination of contract, forfeiture of all funds paid to debt, debarment from future contract bids, and public beheading of your entire IT department”.

    First the Chinese buy the navy’s nuclear fuel supplier, now we learn they hack the JSF program – heck, I think it’s time for Obama to go over there and shake hands and make sure we are all friends.

  • JoeC

    Whatever happened to “firewall”? As in classified networks are NOT interconnected to unclassified networks? Good grief! Aren’t there ANY adults working in government security these days? If there is no wire connecting the inside to the outside then the enemy will have to resort to old fashioned espionage rather than the instant electronic kind. Sheesh.

  • Joseph

    I say that we balance out the odds by doing the same to them (we know who they are), and “to seal the deal:” give/sell THREE (to start) of our mothballed aircraft carriers to the Republic of China on Taiwan (the real China!). Captain and fellow mates: what do you think?

  • If it were only as easy as setting up a firewall and/or unplugging the UNCLASS systems from the ‘net. When you’ve got prime and sub-contractors in just about every state, sharing unclassified information via any method other than the internet becomes nigh-on impossible. The balance between security and availability is about as thin a margin as the difference between Vne and stall speed of a U-2 at altitude.

    The truly classified stuff is on an air-gapped network, but if you gather enough unclassified information you can piece it together to get classified information. You just have to be willing to sort through it all and come to some conclusions. There are certainly some state actors out there with the spare manpower to do it.

    One of the biggest problems in IT security (at least from where I sit) is that most folks’ understanding of it is based on shows like 24. All I need in order to hack into any secure government database is a PDA (that works underground), right? Don’t even get me started on all the un-escorted, un-cleared civilians they allow to wander around the SCIF during a crisis.

  • AW1 Tim

    This comes on the heels of the revelation that a number of computer chips onboard Air Force fighters were found to be counterfeit. These fake chips had the potential to carry software switches to enable an outside operator to disable them at a given signal, or predetermined time.

    The Air Force is currently replacing all of these (if it hasn’t done so already) but it serves notice of the false economy of outsourcing critical components to foreign nations. Like, for example, CHINA! :(

    To my mind, someone in China is very worried about US capabilities, and is taking pro-active steps to gain “outside the box” advantages for future leverage.

  • Like a lot of things everyone is ready to pounce when breaches such as this occur but are almost equally united in their opposition to funding the sort of security required to prevent it.

    To begin with we would never have the sort of infrastructure to provide clearances to the number of people required not to mention the fact that, based on current policies, many would never qualify in any event. Seems getting behind on credit card payments is disqualifying based on recent experience a contractor I am very familiar with has experienced in recent days. Some previously cleared employees (not even close to a TS-SCI level) have had clearances pulled for simply being behind on credit cards let alone in default.

    Stepping up the sanctions on contractors would only lead to higher prices on items (there is no free lunch) or more likely an ever shrinking pool of qualified contractors to do the work.

    Of course there are contractors who simply ignore the regs – at least until getting caught which is unlikely until some serious breach has already occurred – the horse being out of the barn by then.

    A complex problem with expensive solutions that nobody wants to address until it is too late.

    • I agree that some of it has to do with funding, but in all honesty, it has more to do with utility. If you lock down an unclassified network to make it safe, you have to give up some functionality. Heaven forbid that permanent GS-9 can’t get to ebay in order to buy more chotchkies for their desk, or the SES who didn’t get the email from his wife about picking up milk on the way home.

  • F4Jock

    The COLD war has gone to the CYBER War!

    It is now fought with high speed modems, keyboards, and kids from Russia!

  • SSG Jeff (USAR)

    I can’t believe that someone was so stupid as to connect networks containing classified information to the internet in any way, shape or fashion.

    Air gap!

  • F4Jock

    Battlestar Galactica got it right. Don’t mix and match your LANs!

  • Jerry

    As someone who watches this “activity” all day, the end solution is removal of all index fingers (mouse click anyone)!

    Seriously, just sit on a registered IP class C subnet, and watch the logs. @ work, I’m the “voice” of doom when I re-cant what happened in the last 60 seconds on the “network”.
    One time we started a pool, how long before a PC would be compromised if put out on the Internet. Out of everybody, I was the second “lowest” number in the pool. I guessed 60 seconds, one other individual said 30 seconds. Most folks said anything from 8 hours, to weeks.

    I fired up the sniffer, forced spanning tree to enable the port, …..

    .7 seconds later, the PC was fully compromised and looking for “victims”.

    Bottom line, we are being assaulted daily by not only organized crime like the RBN (Russian Business Network who apparently have moved to China, go figure), but state sponsored sourced from the Pac-Rim.

    • JoeC

      That must explain the continuous probes of my VPN firewall. I used to trace some of the most common probing addresses, but since it is my home VPN connection, I didn’t put a lot of time into it. Unlike Lex (above) I run a software firewall on all my machines along with the hardware firewall, and antivirus, spyware catchers, registry monitors, process guard and all to the point sometimes I wonder how the cpu has any cycles left to do real work. I am a bit paranoid, people come to me for help because I am considered the “expert”, and I still got hit with a trojan that stole a credit card transaction. (Fortunately the anti fraud software at the CC company caught an out of character charge and called me. Plus I have a credit watch on my account. It helps.) It is a cyber war out there, I wonder if the government will ever get serious about it?

      The average PC user has absolutely no chance.
