Monday, September 03, 2007

Chinese military hacked into Pentagon

From the Financial Times:

The Chinese military hacked into a Pentagon computer network in June in the most successful cyber attack on the US defence department, say American officials.

The Pentagon acknowledged shutting down part of a computer system serving the office of Robert Gates, defence secretary, but declined to say who it believed was behind the attack.

Current and former officials have told the Financial Times an internal investigation has revealed that the incursion came from the People’s Liberation Army.

One senior US official said the Pentagon had pinpointed the exact origins of the attack. Another person familiar with the event said there was a “very high level of confidence...trending towards total certainty” that the PLA was responsible. The defence ministry in Beijing declined to comment on Monday.

Additionally:

Sami Saydjari, chief executive of Cyber Defense Agency and a former Pentagon cyber expert, warns of the potential for terrorist groups, such as al-Qaeda, to attack the financial, telecoms, and power sectors.

To underscore the threat, he notes that no cyber red team – hackers enlisted to attack systems to help identify weaknesses – has ever failed to meet its objective.

Gregory Garcia, the assistant secretary for cyber security at the department of Homeland Security, says the number of cyber incidents reported to the department’s computer readiness team so far this year is 35,000. That compares to 4,100 for the whole of 2005.

I've spoken on this before, but we really need to get our ducks in a row when it comes to national network security. I know why the problem hasn't been fixed, and that's cost and lack of political will. Nothing will be done until after something major happens. Unless the govt currently has some sort of network security Manhattan Project going on, odds are it's up to the private sector to provide a solution. Needless to say, a company that can provide a significantly more secure OS or an adaptive and/or reactive firewall stands to make billions. Ultimately it's just a matter of time before one or the other happens.

Additionally, it's too easy to paint China as the villain here. Anyone capable of cracking our network could have just as easily cracked theirs and launched their attack from a compromised Chinese govt computer. Without inside confirmation that the hacking was by the PLA, we'll never be one hundred percent certain. (However, we have to treat the attack as though the information downloaded is in the hands of China.) We have in essence moved into an IT cold war in which an individual or group can be as much of a threat to our networks, financial sector, or infrastructure as any state. Now isn't that a comforting thought?