Air Force hacks Navy? Eeeek!
Read this. It's from the Electronic Telegraph, a neat web site in the UK. This article was later posted to comp.risks, and hence, Risks Forum digest, which is where I found it. The paragraphs have been numbered for easy reference. ---------------------------------------------------------------------------- (paragraph 0) http://www.telegraph.co.uk/et/ (paragraph 1) A few clicks and then the e-mail message entered the ship's control system... War of the microchips: the day a hacker seized control of a US battleship (paragraph 2) BY SIMPLY dialing the Internet and entering some well-judged keystrokes, a young US air force captain opened a potentially devastating new era in warfare in a secret experiment conducted late last September. His target was no less than gaining unauthorised control of the US Navy's Atlantic Fleet. (paragraph 3) Watching Pentagon VIPs were sceptical as the young officer attempted to do something that the old Soviet Union had long tried to do and failed. He was going to enter the very heart of the United States Navy's warships - their command and control systems. (paragraph 4) He was armed with nothing other than a shop-bought computer and modem. He had no special insider knowledge but was known to be a computer whizzkid, just like the people the Pentagon most want to keep out. (paragraph 5) As he connected with the local node of the Internet provider, the silence was tangible. The next few seconds would be vital. Would the world's most powerful navy be in a position to stop him? (paragraph 6) A few clicks and whirrs were the only signs of activity. And then a seemingly simple e-mail message entered the target ship's computer system. (paragraph 7) First there was jubilation, then horror, back on dry land in the control room at the Electronic Systems Centre at Hanscom Air Force Base in Massachusetts. Within a few seconds the computer screen announced "Control is complete." (paragraph 8) Out at sea, the Captain had no idea that command of his multi-million-dollar warship had passed to another. One by one, more targeted ships surrendered control as the codes buried in the e-mail message multiplied inside the ships' computers. A whole naval battle group was, in effect, being run down a phone-line. Fortunately, this invader was benevolent. But if he could do it ... (paragraph 9) Only very senior naval commanders were in the know as the "Joint Warrior" exercise, a number of experiments to test defence systems, unfolded between September 18-25. Taking over the warships was the swiftest and most alarming of the electronic "raids" - and a true shock for US military leaders. "This shows we have a long way to go in protecting our information systems," said a senior executive at the airbase where the experiment was conducted. (paragraph 10) The exact method of entry remains a classified secret. But the Pentagon wanted to the first to test the extent of their vulnerability to the new "cyberwarriors" - and had the confidence to admit it. (paragraph 11) Now they believe they know what they are dealing with and the defences are going up. (paragraph 12) Reply to Electronic Telegraph - et@telegraph.co.uk Electronic Telegraph is a Registered Service Mark of The Telegraph plc -------------------------------------------------------------------------- This sounds very fantastic, like the plot of a movie. Indeed, _Hackers_ featured a "worm" that took over control of the ballast of oil tankers. Perhaps this is a case of a journalist being a good writer but not fully understanding the topic at hand. Does anyone know how true this article is? Or where we could find more info? If it is true, then this is almost scary. Let's pick the article apart: In paragraph (1), the author refers to "the day a hacker siezed control over a US battleship." I assume that "hacker" and "battleship" are being used loosely, as, as noted in an IW-list posting that I received a few minutes ago, there are no currently active US battleships. (?) In paragraphs (2) and (5), the author refers to the "hacker" "dialing the internet" and "[he] connected with the local node of the Internet provider." This implies that the whole operation was conducted over the internet. Do battleships even have internet connections? They may. But the military certainly wouldn't dialup through a civilian ISP where their data goes through unknown hands to perform a very secret operation. Everything is doubtlessly encrypted - was the attack performed with or without keys? Or was the crypto somehow bypassed? The intruder is referred to as "young US air force captain" in par 2, a "young officer" in par 3, a "computer whizzkid" in par 4, an "invader" in par 8, and a "cyberwarrior" in par 10. Who was he? I would assume that it was more likely a group of people who were "in the know." Even the average "Joe Hacker" (is there such a thing?) would have trouble controlling a "batteship" let alone through an ASCII connection. In par 2, the author states that the intruder was attempting to gain "unauthorised control of the US Navy's Atlantic Fleet" (sic). If these were indeed "Joint Warrior" experiments, then it would be authorized. Throughout the article, references are made to the attack beginning with "a simple email message." This could be possible, but it seems that a higher means of control would be necessary. Anyhow, the whole article seems factually incorrect. I'm very interested in finding out more on what ACTUALLY happened, tho.. Tobin Fricke fricke@roboben.engr.ucdavis.edu
Light Ray <fricke@roboben.engr.ucdavis.edu> said: LR> Read this. It's from the Electronic Telegraph, a neat web site in LR> the UK. This article was later posted to comp.risks, and hence, LR> Risks Forum digest, which is where I found it. The paragraphs have LR> been numbered for easy reference. [...] LR> Let's pick the article apart: [...] I saw the IW article that Light Ray saw in the RISKS Digest, and, while it raises some valid questions, it in turn has some internal problems. For example, the IW author apparently doesn't understand the difference between a Navy captain (O-6) and an Air Force captain (O-3), dismissing the whole story because a Navy captain would be far to old to be a 'whizzkid'. Problem is the story said it was an Air Force captain, and a newly pinned AF captain would certainly be young enough to be considered one in the military culture (had I stuck it out through ROTC, I would have been able to make captain at 24). While the ET article looks like it was written by someone who didn't understand the fine details of what happened, the IW article looks like it was written as military smokescreen. -- #include <disclaimer.h> /* Sten Drescher */ To get my PGP public key, send me email with your public key and Subject: PGP key exchange Key fingerprint = 90 5F 1D FD A6 7C 84 5E A9 D3 90 16 B2 44 C4 F3 Junk email is NOT appreciated. If I want to buy something, I'll find you.
I saw the IW article that Light Ray saw in the RISKS Digest, and, while it raises some valid questions, it in turn has some internal problems. For example, the IW author apparently doesn't understand the difference between a Navy captain (O-6) and an Air Force captain (O-3), dismissing the whole story because a Navy captain would be far to old to be a 'whizzkid'.
Am I reading a different article? What I read was that the IW person talked to several inside sources and found out and reported facts. S/He made a mistake in saying Navy instead of AF somewhere in his posting to Risks and fixed it before sending it to the IW list (which is where I got it). From what I read, s/he found out the truth from people who knew the truth and tried to get the word out.
I would have been able to make captain at 24). While the ET article looks like it was written by someone who didn't understand the fine details of what happened, the IW article looks like it was written as military smokescreen.
I thought the ET article indicated an exaguration, but if it's true that there are no Battleships in the US Navy anymore and that the attack was run using DoD crypto equipment and networks, it's a heck of a lot different than buying an off-the-shelf Internet package and taking down the fleet. I have no doubt that someone with enough expertise, classified knowledge and equipment, access, and assistance can get some limited control over some US Navy ships for some period of time - but I seriously doubt that a computer whizzkid can take over the fleet from a PC via Email. -> See: Info-Sec Heaven at URL http://all.net/ Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
The following article is from Defense News Oct. 9-15, 1995 pp1,37. Hacker Exposes U.S. Vulnerability By Pat Cooper and Frank Oliveri Defense News Staff Writers Washington -- A U.S. Air Force captain, using a personal computer and a modem, penetrated the command and control systems of U.S. Navy ships operating in the Atlantic Ocean, exhibiting the awesome offensive capability of information warfare and the significant danger U.S. forces are just beginning to learn how to counter. Air Force personnel based at Hanscom Air Force Base, Mass., with the knowledge and permission of the Navy, penetrated the computer systems of naval ships in the Atlantic Ocean, Air Force Lt. Gen. John Fairfield, deputy chief of staff for command, control, communications and computers, said Sept. 25. Using standard computers, Air Force operators tapped into the Internet, via a telephone link to the information superhighway, and connected with a ship through an electronic mail link in one of the ships' networked computers, Air Force Officials said Sept. 28. Once inside the ship's computer network, Air Force Operators navigated to the ships command and control system and could have given the ship bogus steering commands, Fairfield said. The methods of the break-in and the actual vulnerabilities it exposed are classified. <lots more text> jps -- Jack P. Starrantino (215) 674-0200 (voice) SEMCOR, Inc. (215) 443-0474 (fax) 65 West Street Road jps@semcor.com Suite C-100 Warminster, PA 18974
participants (4)
-
fc@all.net -
jps@monad.semcor.com -
Light Ray -
Sten Drescher