[ISN] U.S. Military's Elite Hacker Crew (Two messages)

InfoSec News isn at c4i.org
Tue Apr 19 09:21:17 EDT 2005

Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rslade at sprint.ca>
Cc: cissp-guns-and-butter at yahoogroups.com

(I should probably state, right off the top, that my intention is not
to make fun of military studies of infowar/cyberwar capabilities, but
the people who report on them.)

Date sent:              Mon, 18 Apr 2005 05:00:18 -0500 (CDT)
From:                   InfoSec News <isn at c4i.org>
Subject:                [ISN] U.S. Military's Elite Hacker Crew

> http://wired-vig.wired.com/news/privacy/0,1848,67223,00.html
> By John Lasker
> April. 18, 2005
> The U.S. military has assembled the world's most formidable hacker
> posse: a super-secret, multimillion-dollar weapons program that may
> be ready to launch bloodless cyberwar against enemy networks -- from
> electric grids to telephone nets.

Ummm, haven't we heard this before?  Many, many, many times?

> In simple terms and sans any military parlance, the unit could best
> be described as the world's most formidable hacker posse. Ever.

Oh, it could *easily* be described that way.  When you're a reporter
looking for a sensational story, you can describe all kinds of things
that way!

> But aside from that, little else is known.

Surprise, surprise!

> "They are a difficult nut to crack," said Dan Verton, a former U.S.
> Marine intelligence officer. "They're very reluctant to talk about
> operations."

Yeah.  I'll bet.

> Verton said the unit's capabilities are highly classified, but he
> believes they can destroy networks and penetrate enemy computers to
> steal or manipulate data.

Oh, golly!  Intrusions into other people's computers!  Just imagine!

> He said they may also be able to set loose a worm to take down
> command-and-control systems so the enemy is unable to communicate
> and direct ground forces, or fire surface-to-air missiles, for
> example.

Didn't they already do this?  In 1991?  April of 1991?  April *First*
of 1991?

> To better understand the secret program, several questions about the
> unit were submitted to Stratcom.
> Capt. Damien Pickart, a Stratcom spokesman, issued a short statement
> in response: "The DOD is capable of mounting offensive CNA. For
> security and classification reasons, we cannot discuss any

Again, surprise, surprise.

> However, given the increasing dependence on computer networks, any
> offensive or defensive computer capability is highly desirable."

Any capability.  Regardless of what it does.  Regardless of how it
works, or how *well* it works ...

> Nevertheless, Verton says military personnel have told him numerous
> "black programs" involving CNA capabilities are ongoing, while new
> polices and rules of engagement are now on the books.

Ah, so we are at the point where we don't know what we are doing, but,
by golly, we are going to do it!

> Last summer, the internet-posted execution of American civilian
> Nicholas Berg sparked a debate about the offensive capabilities of
> the CNA program, said retired U.S. Army Col. Lawrence Dietz.


> The debate focused on whether the United States should shut down a
> website as soon as it posts such brutality.

Nobody told them about Kazaa, BitTorrent, etc?

> Dietz knows a thing or two about information warfare. He led NATO's
> "I-War" against Serbia in the mid-1990s -- a conflict that many
> believe was the occasion for the U.S. military to launch its first
> wave of cyber attacks against an enemy.

Oh, no, not the first!  The *first* one was the "Desert Storm" virus.

> One story widely reported, but never confirmed

Again, surprise, surprise.

> "The reality is, once you press that Enter button, you can't control
> it," he said. "If the government were to release a virus to take
> down an enemies' network, their radar, their electrical grid, you
> have no control what the virus might do after that."

One of the reasons that, eighteen years ago, we figured that "attack"  
viruses were not a really good idea.

======================  (quote inserted randomly by Pegasus Mailer)
rslade at vcn.bc.ca      slade at victoria.tc.ca      
rslade at sun.soci.niu.edu
This is the bitterest pain among men, to have much knowledge but
no power.                                                - Herodotus
http://victoria.tc.ca/techrev    or    http://sun.soci.niu.edu/~rslade


Forwarded from: matthew patton <pattonme at yahoo.com>
Subject: Re: [ISN] U.S. Military's Elite Hacker Crew

I'd be happy to be wrong but I really don't think such a shallow
"scare" piece warrants much notice. I'm not suggesting there aren't a
couple of 0-days the military has come up with that it can potentially
use to DoS or otherwise compromise the odd website here and there. I
got a chance to view and interface with some folk involved in a "green
room" project and well, it's "really cool" to the youngsters that
they've got a hacking tool and the authorization to use it, it's not
what I'd consider earth shattering stuff. The established bug hunters
nee NGS are IMO considerably more skilled at this than the military
will be. Much as we've been seeing in the crypto world for some time,
the "public" is pretty darn good at this stuff too.

The controversial website thing to me is a red herring. By the time
the military/intelligence community is aware of it's existence the cat
is LONG out of the bag. The Mallaysian case of taking an extra day to
pull the plug makes no difference - the video was out there on plenty
of hard drives already. Going after financial transaction software and
infrastructure control devices is way more interesting. The barrier to
entry has generally been getting ones hands on the software in
question and figuring out how to mess with it. I'm sure having gov't
contacts tremedously facilitates access to what would otherwise be
better controlled. Then again, how hard is to bribe a sysadmin here or
there who has access to the CD's at a big or not so big bank?
Technical hacking is almost always greased by personnel hacking. I
frankly wouldn't be surprised a purple suiter isn't in the employ of a
couple of banks, trading houses or the like. And if not, why not?

More information about the ISN mailing list