Pentagon Official Reveals Computer Security Breach… As Part Of Effort To Get More Power Over Critical Infrastructure?
from the how's-that-work? dept
You may have seen the various stories making the rounds about how some malicious trojan originally on an unsecured USB key was put into a military laptop in 2008, and then propagated around the military, hitting both classified and unclassified documents. Why is this massive security breach being declassified now? Well, to warn us how scary computer threats out there are:
Lynn’s decision to declassify an incident that Defense officials had kept secret reflects the Pentagon’s desire to raise congressional and public concern over the threats facing U.S. computer systems, experts said.
We’ve already noted that various government officials have been engaging in a massive hype campaign about “cyberwar” threats, in an effort to get more control over certain networks. But there’s also a bit of an inter-departmental battle within government agencies over who should get to control these new powers. And, in this case, Deputy Defense Secretary William Lynn’s revelation of this security breach is party of his jockeying to make sure that the Pentagon gets more power here, rather than Homeland Security:
He puts the Homeland Security Department on notice that although it has the “lead” in protecting the dot.gov and dot.com domains, the Pentagon — which includes the ultra-secret National Security Agency — should support efforts to protect critical industry networks.
As Jim Harper points out, however, this is the equivalent of saying we totally failed to protect our own systems, so put us in charge of more:
The failure of the military to protect its own systems creates an argument for it to have preeminence in protecting private computer infrastructure? Perhaps the Department of Homeland Security will reveal how badly it has been hacked in order to regain the upper hand in the battle to protect us.
Don’t you feel safer?
Filed Under: defense department, homeland security, security
Comments on “Pentagon Official Reveals Computer Security Breach… As Part Of Effort To Get More Power Over Critical Infrastructure?”
I disagree
The only time the federal govt EVER admits there’s a problem (nver caused by them, of course) is a ruse to get more money. As in, “the reason XYZ isn’t working is because we don’t have sufficient funds”.
It’s ALWAYS about money.
Re: I disagree
I would amend that to say it always about money or power. Often the same thing but not always.
Conspiracy Theory Alert ;)
Re: Conspiracy Theory Alert ;)
Shall we discuss the Echelon Network? 😉
Re: Re: Conspiracy Theory Alert ;)
Echelon Network … nothing to see here move along 😉
No matter what nasty thing you suspect the government of doing they are most assuredly doing something worse.
Re: Re: Re: Conspiracy Theory Alert ;)
And they’re probably doing it more incompetently than you could imagine as well.
As a veteran let me say that I have complete and total confidence in organizations like the military which have always geared up to fight the last war they were in.
Homeland Security doesn’t strike me as doing much different than various militaries have have thousands of years of practice in getting wrong.
I watched this movie already.
There’s a computer under NORAD called WOPR just waiting to take over the security of the nation. Just make sure your numbers in Sunnyvale, California are secure.
Re: I watched this movie already.
and ban all searches for “Global Thermo Nuclear War”
Take us to Defcon 1
This is why the *privacy* of individuals should be maintained. Obviously government can’t keep it’s stuff secure.
It’s probably best in light of that, to keep any ‘classified’ information on separate networks with no route to the internet – at the very least.
Orz
/sigh
Security
No matter how paranoid or conspiracy minded you are,
what your government is actually doing is worse than
you can ever imagine.
Wait,
How do they possibly think that showing that they are incapable of properly handling their own security shows that they should be in charge of MORE peoples security?
My brain hurts from trying to parse that “logic”
Re: Re:
Let me help….
The key to getting more money in power in government is showing need. Step 1, Show that you have the absolute best policy you can BS your way through to get the results you want. Step 2, spend your ENTIRE budget and then some on something having nothing to do with what you need money for (the more you spend the more you get…forget efficient and doing things the right way. Step 3, ask for more money cause obviously if you throw enough money into a bottomless pit you will get favorable results. Step 4, repeat until you win. Step 5, Profit.
This wasnt the worst
wtf
back years ago there was a hole that existed for 7 years i know and a few others know one UK guy got caught as did ONE american …why cause they weren’t given these tools to look they took them thus did not understand properly how to peek in.
AND YES that meant for 7 years people were having a look around…..and you think a USB stick was bad?
Funny how we got along fine without any added fed powers all that time….FUNNY don’t ya think?
P.S. the us govt hired the guy that got caught in the usa, even more funny as the rest of us that didn’t.
GO ahead pass the ip along i fear nothing.
I spoke with a government contractor a few months back and he told me about the commanding general banning USB drive for this specific reason. His response was to use Dropbox.
Ignoring government/intra-government attempts at grabbing power (and associated budget dollars), is there anyone here who believes that there is a means by which a third country could, in fact, precipitate a “cyber war”?
Windows is not secure.
Never ever ever put anything with any security classification on a windows box. Never ever ever put anything classified on a computer hooked to a network.
Problem solved.
Re: Windows is not secure.
Well, there’s something called encryption.
An example of a secure networked system:
Keep a network with the data, and one with the decryption key. The data can be an open network. The decryption is a closed network. For example, a laptop without wireless capabilities.
Get a computer, read the data. Disconnect from data network, connect to decryption, read data. Disconnect, then flush intermediary computer.
Without ever guaranteeing that there will not be a virus, (heck, put as many on there as you’d like), the virus has no way to send back meaningful information to anybody.
Bonus points if the encryption is OTP.
There Is No Excuse
Any part of any government organization, that is supposed to be serious about security, world wide, which is still using Windows, needs to have its most senior officers sacked. The fact, that Windows has the worst security reputation of any operating system, is very well known. The fact, that Windows is the favorite target of computer criminals everywhere, is also very well known.
There is no excuse for senior officers not knowing and acting on these facts. They need to be told from the highest political levels, “Shape up or ship out!” Unless the politicians are willing to develop the political will to make sure the job gets done properly, then the job will continue to be done badly. Politicians are perfectly capable of sacking very senior officers, when they have the will. Hold the politicians accountable.
Unicorns
Why does my cock hurt so much? It won’t go down. Argghhh, nurse….. Please help….