David Kirkpatrick

August 27, 2010

US military hacked in 2008

Hacked by a compromised USB thumb drive. Just goes to show you can worry all day about technical threats and software backdoors and plain old network hacking, but all those assets out in the wild — people’s heads with sensitive passwords, unattended laptops, USB drives, et al. — can be hard to lock down and are usually the easiest way into a network.

From the link:

It was a USB drive loaded with malware.

That’s how U.S. defense networks were compromised in 2008, according to U.S. Deputy Defense Secretary William Lynn, who today offered the first official confirmation of a data breach that led to restrictions on the use of removable USB drives in the military.

In an article written for Foreign Affairs magazine, Lynn said the breach occurred when a single USB drive containing malicious code was inserted into a laptop computer at a U.S. base in the Middle East. The malware, placed on the drive by a foreign intelligence agency, was uploaded to a network run by the U.S. Central Command.

The malware then spread — undetected — on both classified and unclassified systems, essentially establishing a “digital beachhead” from which data could be transferred to servers outside the U.S. “It was a network administrator’s worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary,” Lynn wrote.

Here’s additional coverage of this story.

Update 8/30/10: And even more coverage. Looks like the actual threat was very low-level and involved the W32.SillyFDC worm.

August 5, 2010

Will the WikiLeaks issue close military/intelligence doors?

Michael Hayden hopes not. The relationship between intelligence agencies and the military is always pretty fragile and the WikiLeaks incident over posting classified video of a 2007 Baghdad helicopter attack a couple of months ago threatens to shut down a lot of communication between the government entities.

From the first link:

The recent publication of classified military documents on the whistleblower site WikiLeaks should not be allowed to chill information sharing that’s been going on within the military and intelligence communities, the former director of the CIA said Tuesday.

In an interview, retired Gen. Michael Hayden, who led both the CIA and the National Security Agency (NSA), expressed concern over the potential for knee-jerk restrictions on data sharing in response to the incident.

“Senior leadership in the country will have to guard against over-reaction,” Hayden cautioned. “Clearly, we need to be careful. We have to pay more attention to security,” he said.

Wikileaks last week posted more than 90,000 military and intelligence documents on the ongoing war in Afghanistan. Bradley Manning, an Army intelligence analyst already charged with supplying WikiLeaks with a video allegedly showing a deadly U.S. Apache helicopter attack in Iraq, is the prime suspect in the leak of the Afghanistan war documents.

March 17, 2010

The US military looked into undermining Wikileaks

And the modus operandi was mostly going to be a propaganda and sabotage effort to attempt to discredit the organization.

From the link:

In an ironic twist, Wikileaks has now published what appears to be an assessment of the site and the danger it poses to US military confidentiality, apparently from the US Army and Counterintelligence center and dated 18 March 2008.

Most of the report is a measured analysis of the site’s activities, modus operandi, funding and history, which then details numerous documents allegedly leaked to Wikileaks relating to US military activities in Iraq, Afghanistan and beyond that it sees as having handed intelligence to agencies hostile to the US.

Not sure if this is illegal, or not, and certainly there are national security issues with any military leak, but this type of covert action sure feels un-American.

Also from the link, here’s the lovely company our military was hoping to join:

A justification for following this course of action is considered to be that other countries have attempted to do the same.

“The governments of China, Israel, North Korea, Russia, Thailand, Zimbabwe, and several other countries have blocked access to Wikileaks.org-type Web sites, claimed they have the right to investigate and prosecute Wikileaks.org and associated whistleblowers, or insisted they remove false, sensitive, or classified government information, propaganda, or malicious content from the Internet,” says the report.

November 20, 2008

USS Liberty document dump

Filed under: et.al., Media, Politics — David Kirkpatrick @ 4:36 pm

Looks like a lot of government material surrounding the USS Liberty incident has been released — for those who don’t know, that was a 1967 attack on a US Navy intelligence ship by the Israeli air force. To this day it’s not certain whether it was a horrible accident, or a brazen military strike by Israel against an ally.

Ambinder has a link to the doc dump and some insight:

From the link:

On Monday, thanks to the National Security Archive, the National Security Agency released thousands of pages from its enormous, official, classified history of the nation’s signal intelligence and communications security operations during the code war. Its author is Dr. Thomas Johnson, the agency’s official historian.

Also from the link:

The entire history, which will take us aficionados a while to pluck through, was once classified as Top Secret Umbra, with Umbra denoting intelligence of a specific level of sensitivity. At the bottom of the document, the reader is instructed to Handle Via Talent-Keyhole Comint Channels Jointly. For those who aren’t intel fetishists, Talent-Keyhole is a category designation of sensitive compartmented information that deals with signals intelligence. Talent information deals with aircraft-gathered intelligence; Keyhole denotes imagery (imint) from satellites. Comint refers to sensitive signals intelligence methods and sources. Basically, the history was written at a level of classification that basically forbade even many intelligence professionals from reading it.

Of course, that’s all been declassified. Or most of it — the documents are studded with fascinating redactions…