OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
[ISN] Attack by Korean hacker prompts Defense Department cyber debate

From: InfoSec News (alertsinfosecnews.org)
Date: Tue Feb 13 2007 - 01:19:45 CST

http://www.fcw.com/article97645-02-09-07-Web

By Josh Rogin
Feb. 9, 2007

Defense Department computer networks are probed and attacked hundreds of
time each day. But a recent attack on the civilian Internet is causing
DOD officials to re-examine whether the policies under which they fight
cyber battles are tying their hands.

This is an area where technology has outstripped our ability to make
policy, said Air Force Gen. Ronald Keys, Commander of Air Combat
Command. We need to have a debate and figure out how to defend
ourselves.

Unlike in the war on terror, DOD cant go after cyber attackers who plan
or discuss crimes until they act, Keys said. Web sites in other
countries are beyond DODs reach, he added. If theyre not in the United
States, you cant touch 'em.

Keys said it would probably take a cyber version of the 9/11 attacks to
make the U.S. realize that barriers to action in cyberspace should be
re-evaluated.

The danger is real, officials say. On Feb 5, an organized group of
hackers perpetrated the most powerful set of attacks since 2002. The
attacks targeted UltraDNS, the company that runs several servers that
manage traffic for domains that end with .org and other extensions,
according to several reports.

Although the hackers made efforts to conceal their identity, large
amounts of rogue data was traced back to servers in South Korea, the
reports stated. The Associated Press wrote that a traffic server
operated by the Defense Department was affected.

Affected or not, senior DOD cyber officials have taken notice. They
spoke about its defense implications at the Air Warfare Symposium in
Orlando, Fla., hosted by the Air Force Association today.

The recent UltraDNS attacks raised several questions for DOD policy
makers, Keys said. How do you react to that attack? How do you trace it
back? What are the legalities included? What do you do when you do find
them? Its a huge challenge, he said.

DOD must consider more aggressive measures, including penetrating enemy
networks, infiltrating wi-fi, phishing for passwords, and e-mail
deception, Keys said. Cyber attack forces could replace traditional
forces in future attack missions, he said.

The current cyber threat is divided into three tiers: hackers,
criminals, and nation-states, with increasing levels of resources and
investment in cyber capabilities, said U.S. Strategic Commander General
James Cartwright, speaking at the conference.

The U.S. cyber warfare strategy is divided among three fiefdoms,
reconnaissance, offense, and defense, Cartwright said. This results in a
passive, disjointed approach that undermines the military's cyberspace
operations, he added.

Were already at war in Cyberspace, have been for many years, said Keys
Terrorists use the Internet extensively, through remotely detonated
bombs, GPS, Internet financial transactions, navigation jamming, bogs,
bulletin boards, and chat rooms.

Hacker tools are readily available on the Internet, and several sites
promote products that give people the ability to circumvent DODs
security measures, Keys said. But policy and law prevent the department
from shutting down these sites.

Cyberspace is the only warfighting domain in which the U.S. has peer
competitors, Keys said. The Chinese Communist government said in a
recent military white paper that its goal is to be capable of winning
informationized war by the middle of the 21st century, he noted.

DOD is also vulnerable because it procures technology components, such
as computer chips, from China. The companies there could embed
threatening technologies in the chips and then use them for malicious
purposes, Keys said. If theyre good enough [at hiding the technology],
then how would you know? he asked.

Several attacks have disabled government computer systems over the last
few months. In November, the Naval War College took its computers
offline for weeks after a foreign network attack disabled the system. In
July, the Commerce Departments Bureau of Industry and Security had to
replace hundreds of computers following an intrusion that was admitted
to have originated from Chinese servers.

Keys ACC, headquartered at Langley AFB, Va., provides command, control,
communications and intelligence systems to the Air Force and conducts
global information operations. The command is also oversees the 8th Air
Force at Barksdale AFB, La., which will soon become the Air Forces Cyber
Command, it was announced in October.

Cyber Command will focus on integrating reconnaissance, offensive, and
defense operations in cyberspace, Keys said. DOD is dependent on its
networks for almost all its missions, he added. Its entwined into
everything we do.

______________________________________
Subscribe to the InfoSec News RSS Feed
http://www.infosecnews.org/isn.rss