UNITED24 - Make a charitable donation in support of Ukraine!

Intelligence

AFPS Article Banner

98153. Hamre Acts to Hamper Hackers

By Linda D. Kozaryn
American Forces Press Service
	BRUSSELS -- As U.S. troops, combat aircraft and warships 
gathered in the Persian Gulf in February, the U.S. military was 
quietly attacked on a second front. Defense officials detected 
systematic, sophisticated intrusions into DoD computer networks.
	Was this the work of hackers who regularly attempt 
electronic break-ins, or was it a true cyber attack by the 
Iraqis? That was the question defense and justice department 
officials had to answer -- quickly. What they learned is now 
serving as a wake-up call at home and abroad. 
	Deputy Defense Secretary John J. Hamre traveled to Europe, 
March 14 to 19, to discuss the growing threat to computer-based 
information systems. In Cologne and Bonn, Germany, Brussels, 
Belgium,  Paris, The Hague and London, Hamre warned NATO allies: 
if this can happen to us; it can happen to you. Because computers 
are linked together, information assurance is only as strong as 
the weakest link in the chain, he said.
	People regularly try to breach DoD computer networks, Hamre 
explained here March 17. "We get people every day who are just 
pinging on our computers," he said. "It's been going on for 
several years. There's kind of a hackers' mentality that it's fun 
to get inside."
	In the first part of February, DoD officials noticed a 
pattern which could have been the early stage of a computer 
attack. They noticed the incidents of break-ins were more 
frequent and more systematic, Hamre said. "Because this was 
occurring at the same time we were preparing for potential 
operations in the Gulf, we were particularly concerned that they 
might be related."
	For three weeks, defense officials tracked unauthorized 
activity. "After about the first week, we became convinced that 
it was probably hackers," Hamre said. "But, we didn't know for 
sure because there was an overseas element to this."
 	As it turned out, in late February the FBI arrested two 16-
year-old boys in California for allegedly breaking into DoD 
networks. Even though Pentagon officials were relieved, the 
incident remained cause for grave concern since it could well 
have been an Iraqi cyber invasion. 
	Hamre said the teenagers did not get into DoD's classified 
computers which were all protected. "But, we still do an awful 
lot of things over unclassified systems that could have been 
damaged." The episode stressed the importance of better 
protecting DoD systems.
	"Two kids were able to create an awful lot of disruption in 
the Department of Defense," Hamre said. "We went to 24-hour 
shifts. We created a crisis action team. We had to go through an 
enormous amount of effort to protect the computer systems, to 
monitor them and clean them up."
	Was it simply a test of skill for the two young hackers? Did 
they understand it was wrong to break into these computers? Hamre 
said children who've grown up with computers may not understand 
the difference between what's real and what's a game. They may 
not understand that breaking into a computer electronically, is 
no different than breaking into somebody's house. It's private 
property.
	"One of the kids, when asked why did he do it, said, 'It's 
the power, dude,'" Hamre reported. What they may not realize "is 
that they're really opening doors for other people whose motives 
aren't as innocent."
	Private industry as well as the government needs to change 
this mindset and instill computer discipline, Hamre said. "There 
was a famous case several years ago about a clique that would 
break into computers to change the grades kids got in classes." 
	Hackers even defaced the CIA homepage about two years ago, 
changing the title from the "Central Intelligence Agency" to the 
"Central Stupidity Agency." While the CIA break-in was obvious to 
anyone opening the homepage, detecting electronic breaches is not 
always easy, Hamre said. "What's a lot harder is if someone 
doesn't want you to know they've been in your computer and 
they've manipulated the data.
	"Let's say that a hacker -- just to have fun -- got into the 
Pentagon's telephone directory and changed every tenth number. It 
would take several days to figure out why the numbers were not 
going through? Since it wouldn't be happening all the time, it 
wouldn't be clear that a computer hacker had randomly changed 
telephone numbers."
	The potential for disrupting defense operations via computer 
manipulation is multifaceted, Hamre said. Almost all DoD business 
is now done on computers -- everything from sending messages, to 
ordering supplies, to paying troops, to keeping track of medical 
records. "If someone can come in and disrupt those computers, 
change the data or send misleading messages, they could do 
tremendous damage to a military operation."
	Once it's discovered data has been intentionally 
manipulated, people lose confidence in computer networks, Hamre 
said. "How do you know that it's real? You're looking at a screen 
and the name says John Hamre, but how do you know it's really 
John Hamre at the other end of that computer terminal?
	"It takes you a long time to regain confidence in the 
system. You have to download all the computers, go back to 
historical tapes, bring them back up again, and see if that data 
looks real. It's a very long and cumbersome and expensive 
process."
	The recent experience highlights the need for a much more 
systematic "information assurance" program to safeguard 
computers, Hamre said. The goal is to ensure DoD computer 
information is "true, reliable and has not been manipulated," he 
said. This will require continually monitoring central computer 
processors and employing software that automatically signals an 
alert. Sensitive data must be encrypted and unauthorized people 
must be kept off the net.
	So far, DoD classified networks have been secure. Firewalls 
separate them from the other networks, Hamre said. "But, 
firewalls in computers are just like firewalls in a movie 
theater. They simply slow the movement of the fire so people can 
get out of the building. A firewall in software simply slows down 
a hacker as they're working their way through it so you can take 
action."
	In the long run, DoD will have to encrypt data that goes 
from one computer to the next. "Before it leaves the computer, 
the message gets scrambled and then decoded at the other end," 
Hamre explained. Routine commercial transactions will be 
encrypted, while classified networks will have much stronger 
encryption.
	"Key recovery" will go hand-in-hand with encryption. "You 
have to encrypt the data so that it can't be read when it's going 
over public networks. Then you have to develop a system of 
electronic identification so that when you're reading that 
encrypted message, you can confirm whoever sent it to you is 
really that individual."
	DoD employees will have an "electronic dog tag," Hamre said 
Although some people fear this will enable the government to read 
their e-mail, he said, this is not the case. "Our program is 
simply going to be buying encryption and key recovery for 
Department of Defense communications so we'll be able to confirm 
who's talking to us." 
	Eventually, Hamre said he believes most people are going to 
want to adopt encryption so that when they use their credit card 
on the Internet, it's not going to be compromised. "Most business 
applications and Department of Defense applications will require 
a key recovery system so that we'll have confidence in who we're 
talking to." 
	DoD has already has negotiated a contract with Netscape to 
place an encryption and key recovery system on the web browser 
for more than a million DoD users. "This fall, we hope to have 
this encryption and key recovery system operational," Hamre said.
	Another related DoD goal is promoting computer literacy 
among the ranks, Hamre said. Young troops today have far more 
computer savvy than the previous generation, he said. "We ought 
to find ways to help soldiers, sailors, airmen and Marines who 
have an interest in computers to become more proficient." 
	Unfortunately, retaining highly skilled people is difficult. 
"As soon as our people become trained they become very attractive 
to the private sector," Hamre said. He's asked Rudy deLeon, 
undersecretary for personnel and readiness, to suggest personnel 
policy changes to ensure DoD trains and keeps highly skilled 
computer people. This may include added tuition assistance and 
training programs and bonuses in certain critical skill areas. 
DeLeon is scheduled to report his recommendations in about three 
weeks, he said.
	"I hope this generation becomes even more interested in 
computers than what they are now because we're going to need 
their help," Hamre said. "Us old buzzards don't know what to do."


##END##



NEWSLETTER
Join the GlobalSecurity.org mailing list