Skip to main content
ad info
  
CNN.com technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  

 

  Search
  
 

  
TECHNOLOGY
TOP STORIES

Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent

(MORE)

TOP STORIES

More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections

(MORE)
[CNN Money] BUSINESS
Playing for Iraq's jackpot

Coke & smoke bite Dow

Sun Microsystems posts tiny profit

(MORE)

MARKETS
4:30pm ET, 4/16
DJIA
144.70
8257.60
NAS
3.71
1394.72
S&P
10.90
879.91
 
[SI.com] SPORTS
Jordan says farewell for the third time

Shaq could miss playoff game for child's birth

Ex-USOC official says athletes bent drug rules

(MORE)

> All Scoreboards
WEATHER
All cities
WORLD

Quake help not fast enough, says Indian PM
U.S.

Bush: No help from Washington for California power crunch
POLITICS

Bush signs order opening 'faith-based' charity office for business
LAW

Prosecutor says witnesses saw rap star shoot gun in club
ENTERTAINMENT

Can the second 'Survivor' live up to the first?
HEALTH

Heart doctors debate ethics of testing super-aspirin
TRAVEL

Nurses to aid ailing airline passengers
FOOD

Texas cattle quarantined after violation of mad-cow feed ban
ARTS & STYLE

Ceramist Adler adds furniture to his creations

(MORE HEADLINES)
MAINPAGE
WORLD
U.S.
WEATHER
BUSINESS
SPORTS
TECHNOLOGY
 *
computing
personal technology
SPACE
HEALTH
ENTERTAINMENT
POLITICS
LAW
CAREER
TRAVEL
FOOD
ARTS & STYLE
BOOKS
NATURE
IN-DEPTH
ANALYSIS
LOCAL
EDITIONS:
CNN.com Europe

 change default edition
MULTIMEDIA:
video
video archive
audio
multimedia showcase
more services
E-MAIL:
Subscribe to one of our news e-mail lists.
Enter your address:
 
DISCUSSION:
chat
feedback
CNN WEB SITES:
CNN Websites
CNNfyi.com
CNN.com Europe
AsiaNow
Spanish
Portuguese
German
Italian
Danish
Japanese
Chinese Headlines
Korean Headlines
TIME INC. SITES:
CNN NETWORKS:
Networks image
CNN anchors
transcripts
Turner distribution
SITE INFO:
help
contents
search
ad info
jobs
WEB SERVICES:

Digital assault against Pentagon rises

From...
 Computerworld

by Dan Verton

(IDG) -- The number of cyberattacks and intrusions into Pentagon computer networks this year is expected to top off at 24,000, an increase of 5 percent compared with last year, said the U.S. Department of Defense. However, the overwhelming majority of those intrusions are due to known vulnerabilities and poor security practices.

Ninety-nine percent of the successful attacks and intrusions can be attributed to known vulnerabilities and security gaps that have gone unfixed and poor security practices by defense agencies, said Navy Capt. Robert West, the deputy commander of the Pentagon's Joint Task Force for Computer Network Defense.

Malicious hackers and other criminals penetrated Pentagon network security at least 14,059 times during the first seven months of this year, said West. That number will probably increase by at least 10,000 before the year ends, he said. Hackers stung the Pentagon at least 22,144 times last year and 5,844 times in 1998.

  MESSAGE BOARD
Security on the Net
 
  ALSO
FBI: 'Tis the season for cyberattacks
 

"These incidents will have served a constructive purpose if the Pentagon is willing and able to learn from them," said Steven Aftergood, a defense and intelligence analyst at the Federation of American Scientists in Washington. "By exposing and highlighting vulnerabilities, the attacks can actually help to inoculate the system during times of crisis. But only if the appropriate lessons are learned now."

But John Shissler, a member of the Senior Professional Staff at the Johns Hopkins University's Applied Physics Laboratory and a former military intelligence officer, said the number of successful attacks raises questions about the Pentagon's preparedness to withstand more skilled adversaries.

"We are currently operating in a relatively benign international environment yet we were hard pressed to deal with the detected hacks," said Shissler. "In my opinion we have a raging case of technological hubris and are ready to be taken to the cleaners by a savvy adversary."

IDG.net INFOCENTER
IDG.net
Related IDG.net Stories
Features
Visit an IDG site


IDG.net search



In addition to weak security practices by Defense Department (DOD) network administrators, the increase in the number of attacks can be attributed to the greater availability of sophisticated hacker tools on the Internet, said West. "Someone with a very limited amount of computer skills can do a lot of damage," he said.

The increase in the number and the sophistication of the attacks pose a significant threat to DOD plans to use computer networks as part of its overall strategy to fight future conflicts, a concept known throughout the Pentagon as "network-centric warfare."

Despite claims by senior officials that DOD's classified systems are immune from attack, there are several connections between the Pentagon's top secret and secret networks and the unclassified network that connects to the global Internet that make them vulnerable, said West. However, sophisticated encryption devices designed by the National Security Agency protect the classified networks.

"All of our various layers of networks are connected," said West. "Regardless of classification, there are connections and you are dependent on that infrastructure."

However, legal restrictions have hampered the DOD's ability to respond to attacks and track down hackers, West said. Due to legal and privacy restrictions, the department is prohibited from pursuing hackers beyond its networks. The agency can take defensive measures to stop a hacker, but to actively catch and prosecute a hacker, it must go through the FBI.

"We don't go outside of our firewalls, but we'd like to," said West.

One solution that the department is working on, said West, is a concept called "legal hot pursuit." Pentagon criminal investigators are searching for a legal framework that would enable them to use one search warrant to track hackers back through the multitude of Web sites they often use as launching pads for their attacks, said West.

Today, these investigations require separate search warrants for every system used as part of a distributed denial-of-service attack.



RELATED STORIES:
U.S. official: Superpower status risks cyberattack
August 25, 2000
U.S. Army kick-starts cyberwar machine
November 22, 2000
U.S. government agencies shape cyberwarning strategy
August 15, 2000
Hospital confirms copying of patient files by hacker
December 15, 2000
Report finds progress in cybersecurity in private sector
December 6, 2000
RELATED IDG.net STORIES:
You better watch out...and Santa's got nothing to do with why
(Computerworld)
Hospital confirms copying of patient files by hacker
(Computerworld)
U.S. could face 'Pearl Harbor' in cyberspace
(PCWorld.com)
Credit-card numbers exposed in extortion attempt
(Computerworld)
FTC, FBI sites leave opening for hacker access
(IDG.net)
Proposed cybercrime laws stir debate at conference
(Computerworld)
Under siege
(The Industry Standard)
Satan for security
(The Industry Standard)
RELATED SITES:
The Pentagon
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
 Search   
Back to the top  © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.