Thursday, July 06, 2006

FBI's Computers Hacked

Consultant Breached FBI's Computers
Frustrated by Bureaucracy, Hacker Says Agents Approved and Aided Break-Ins

A government consultant, using computer programs easily found on the Internet, managed to crack the FBI's classified computer system and gain the passwords of 38,000 employees, including that of FBI Director Robert S. Mueller III.

The break-ins, which occurred four times in 2004, gave the consultant access to records in the Witness Protection Program and details on counterespionage activity, according to documents filed in U.S. District Court in Washington. As a direct result, the bureau said it was forced to temporarily shut down its network and commit thousands of man-hours and millions of dollars to ensure no sensitive information was lost or misused.

The government does not allege that the consultant, Joseph Thomas Colon, intended to harm national security. But prosecutors said Colon's "curiosity hacks" nonetheless exposed sensitive information.

According to Colon's plea, he entered the system using the identity of an FBI special agent and used two computer hacking programs found on the Internet to get into one of the nation's most secret databases.

full article

This once again proves how inadequate the defenses of the Federal government's computer systems are. As someone who has designed many office networks I can only guess at how daunting the task of defending networks that large could be. Words like Herculean come to mind. Whats scary is that the FBI and the CIA have the two best defended networks in the Federal government.

We're fortunate in this case that Colon was merely skirting proper procedure rather than acting out of malice. And there are those that that seek to infiltrate our governments computer networks that truly have malice in what passes for their heart.

From the Washington Post:
Cyber-Attacks by Al Qaeda Feared

Its old news but whats important is that the intent is there. And according to this interview Al Quaeda has been the pushing the boundaries of what can be done over the internet for 20 years

"I've been tracking Al Qaeda and actually bin Laden and his group forward since the late 1980s. And it's simply because as a group that is operating in what can be referred to as best practice, they really are very good at what they do. I'm always willing to learn from somebody who may learn something that I should know. So I've been watching them for quite a while. And they are very, very good at everything from money laundering, to secure communications. And to underestimate them at any point in time is suicidal."

About two years ago the show Frontline did an excellent piece on threats to American security from the internet called Cyber War. Its well worth watching additionally there are transcripts from interviews that didn't make it into the show including one with former White House Cyber Security Advisor Richard Clarke as well as one with a professional for hire hacker. You can also watch the program here.

I can sum it up for you though:

Its all fun and games until someone opens up a dam over the internet.

hat tip to Gun Toting Liberal