Hackers Attack USAF Computers
Visitors Since
October 15, 2001.
Past Articles
* Computer Security
* Foreign Espionage
* Industrial Espionage
* Personal Security
* Personnel Security
* Physical Security
* Security Management
Other Security Links
E-Mail Us
* ASIS
* NCMS
* VSAC
* Webmaster
We join with those who mourn the loss of life, the injuries, and the disruption of lives caused by the attacks against Washington, DC, and New York, N.Y. All those effected -- the brave people who helped in rescue efforts, those involved in America's response to terror and in the war with Iraq-- are in our thoughts and prayers.
Aerospace Corporation
Vandenberg AFB, CA
The summer 1996 hearings by the Senate Governmental Affairs Permanent Investigations Subcommittee is focusing on the vulnerability of DOD computers. This highlighted the recently declassified story of the March-May 1994 assault by a pair of hackers against AF computers.
According to press accounts, on March 28, 1994, network administrators at Rome Air Development Center, Griffiss AFB, NY, discovered that their system had been broken into five days earlier. The Defense Information Systems Agency (DISA) sent a Computer Emer-gency Response Team (CERT) of experts to kick off an investigation that quickly spiraled. Other agencies involved in the month and a half investigation included the AFOSI, the AF Information Warfare Center, and New Scotland Yard.
The two hackers, “Datastream” and “Kuji”
* Downloaded sensitive unclassified
battle-field simulation program data from RADC (the USAF’s command and
control research facility);
* Compromised 100 user accounts;
read, copied, and deleted e-mail from 30 different RADC systems.
* Stole all the data from the
Korean Atomic Research Institute and stored it on the RADC computer, leading
to fears the Koreans would think the USAF was conducting electronic espionage
against them; and
* Stole a 3-4 megabyte artificial
intelligence program dealing with the Air Order of Battle from Wright-Patterson
AFB, OH.
Allegedly the hackers successfully compromised other systems included:
* the National Aero-Space Plane
Joint Program Office at Wright-Patterson AFB, OH;
* NASA’s Goddard Space Flight
Center in Greenbelt, MD, and Jet Propulsion Laboratory in Pasadena, CA;
* the Department of Energy’s Brookhaven
National Laboratories in New York;
* four California and one Texas
network of an aerospace industry firm; and
* SHAPE at The Hague, Netherlands.
The investigative team monitored the hackers’ activities and turned to informants to “surf the Net” for clues. The sources on the Net provided a lead on a United Kingdom hacker known as the Datastream Cowboy who liked to hack into American military systems because they were so insecure. On May 12, 1994, New Scotland Yard entered the home of Datastream, a 16 year old British boy with a 486SX-25 desktop, and arrested him. He had been making free calls by “phone phreaking,” and paid for his Internet time with a credit card number generated by a program he had downloaded from the Internet.
Datastream, the less skillful of the two hackers, had been mentored by Kuji, whom he had met only on-line. He provided many of the stolen files to Kuji, who has not yet been identified. Since Kuji has not been apprehended, authorities do not know where the stolen files were sent or how much damage was done to national security. The GAO estimated the cost to the government was over $500K, not counting the value of the stolen research data.
There is even more bad news. During 1995, DISA launched 38,000 on-line attacks to probe the defenses of DOD computers. Only 4% of the at-tacks were detected and only 27% of those were reported to the proper offices. DISA has estimated that hackers attacked Pentagon computers about 250,000 times in 1995. As many as 65% of these were successful! The National Security Agency reports that almost 120 countries can program computer attacks against the US.
More and more of our valuable information is stored on computers linked to networks. The threat against them is different from the traditional espionage case government and contractor professionals have studied for years. If a 16-year old with an old computer can do such damage, imag-ine what an industrial or international spy with years of training could do! In the future, the measures we take to understand and defend these systems may mean the difference between success and failure.
[Webmaster's note: This article was written in July 1996 for the VSAC News, NCMS Channel Islands Newsletter, and NCMS National Newsletter.]