Pentagon Official Reveals Computer Security Breach... As Part Of Effort To Get More Power Over Critical Infrastructure?

from the how's-that-work? dept

You may have seen the various stories making the rounds about how some malicious trojan originally on an unsecured USB key was put into a military laptop in 2008, and then propagated around the military, hitting both classified and unclassified documents. Why is this massive security breach being declassified now? Well, to warn us how scary computer threats out there are:
Lynn's decision to declassify an incident that Defense officials had kept secret reflects the Pentagon's desire to raise congressional and public concern over the threats facing U.S. computer systems, experts said.
We've already noted that various government officials have been engaging in a massive hype campaign about "cyberwar" threats, in an effort to get more control over certain networks. But there's also a bit of an inter-departmental battle within government agencies over who should get to control these new powers. And, in this case, Deputy Defense Secretary William Lynn's revelation of this security breach is party of his jockeying to make sure that the Pentagon gets more power here, rather than Homeland Security:
He puts the Homeland Security Department on notice that although it has the "lead" in protecting the dot.gov and dot.com domains, the Pentagon -- which includes the ultra-secret National Security Agency -- should support efforts to protect critical industry networks.
As Jim Harper points out, however, this is the equivalent of saying we totally failed to protect our own systems, so put us in charge of more:
The failure of the military to protect its own systems creates an argument for it to have preeminence in protecting private computer infrastructure? Perhaps the Department of Homeland Security will reveal how badly it has been hacked in order to regain the upper hand in the battle to protect us.
Don't you feel safer?


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonymous Coward, Aug 27th, 2010 @ 9:15am

    I disagree

    The only time the federal govt EVER admits there's a problem (nver caused by them, of course) is a ruse to get more money. As in, "the reason XYZ isn't working is because we don't have sufficient funds".

    It's ALWAYS about money.

     

    reply to this | link to this | view in thread ]

  2.  
    icon
    Hephaestus (profile), Aug 27th, 2010 @ 9:18am

    Conspiracy Theory Alert ;)

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    imbrucy (profile), Aug 27th, 2010 @ 9:22am

    Re: I disagree

    I would amend that to say it always about money or power. Often the same thing but not always.

     

    reply to this | link to this | view in thread ]

  4.  
    icon
    Dark Helmet (profile), Aug 27th, 2010 @ 9:23am

    Re: Conspiracy Theory Alert ;)

    Shall we discuss the Echelon Network? ;)

     

    reply to this | link to this | view in thread ]

  5.  
    icon
    TtfnJohn (profile), Aug 27th, 2010 @ 9:55am

    As a veteran let me say that I have complete and total confidence in organizations like the military which have always geared up to fight the last war they were in.

    Homeland Security doesn't strike me as doing much different than various militaries have have thousands of years of practice in getting wrong.

     

    reply to this | link to this | view in thread ]

  6.  
    icon
    Chronno S. Trigger (profile), Aug 27th, 2010 @ 9:58am

    I watched this movie already.

    There's a computer under NORAD called WOPR just waiting to take over the security of the nation. Just make sure your numbers in Sunnyvale, California are secure.

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    Overcast (profile), Aug 27th, 2010 @ 10:07am

    This is why the *privacy* of individuals should be maintained. Obviously government can't keep it's stuff secure.

    It's probably best in light of that, to keep any 'classified' information on separate networks with no route to the internet - at the very least.

     

    reply to this | link to this | view in thread ]

  8.  
    icon
    Chucklebutte (profile), Aug 27th, 2010 @ 10:12am

    Orz

    /sigh

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Colonel Panik, Aug 27th, 2010 @ 10:13am

    Security

    No matter how paranoid or conspiracy minded you are,
    what your government is actually doing is worse than
    you can ever imagine.

     

    reply to this | link to this | view in thread ]

  10.  
    icon
    Hephaestus (profile), Aug 27th, 2010 @ 10:17am

    Re: Re: Conspiracy Theory Alert ;)

    Echelon Network ... nothing to see here move along ;)

    No matter what nasty thing you suspect the government of doing they are most assuredly doing something worse.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Chosen Reject, Aug 27th, 2010 @ 10:43am

    Re: Re: Re: Conspiracy Theory Alert ;)

    And they're probably doing it more incompetently than you could imagine as well.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    PhilD, Aug 27th, 2010 @ 11:03am

    Wait,
    How do they possibly think that showing that they are incapable of properly handling their own security shows that they should be in charge of MORE peoples security?

    My brain hurts from trying to parse that "logic"

     

    reply to this | link to this | view in thread ]

  13.  
    icon
    Berenerd (profile), Aug 27th, 2010 @ 11:14am

    Re: I watched this movie already.

    and ban all searches for "Global Thermo Nuclear War"


    Take us to Defcon 1

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    Berenerd (profile), Aug 27th, 2010 @ 11:19am

    Re:

    Let me help....

    The key to getting more money in power in government is showing need. Step 1, Show that you have the absolute best policy you can BS your way through to get the results you want. Step 2, spend your ENTIRE budget and then some on something having nothing to do with what you need money for (the more you spend the more you get...forget efficient and doing things the right way. Step 3, ask for more money cause obviously if you throw enough money into a bottomless pit you will get favorable results. Step 4, repeat until you win. Step 5, Profit.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    NAMELESS.ONE, Aug 27th, 2010 @ 11:32am

    This wasnt the worst

    wtf
    back years ago there was a hole that existed for 7 years i know and a few others know one UK guy got caught as did ONE american ...why cause they weren't given these tools to look they took them thus did not understand properly how to peek in.

    AND YES that meant for 7 years people were having a look around.....and you think a USB stick was bad?
    Funny how we got along fine without any added fed powers all that time....FUNNY don't ya think?

    P.S. the us govt hired the guy that got caught in the usa, even more funny as the rest of us that didn't.
    GO ahead pass the ip along i fear nothing.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous Coward, Aug 27th, 2010 @ 12:10pm

    I spoke with a government contractor a few months back and he told me about the commanding general banning USB drive for this specific reason. His response was to use Dropbox.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, Aug 27th, 2010 @ 2:11pm

    Ignoring government/intra-government attempts at grabbing power (and associated budget dollars), is there anyone here who believes that there is a means by which a third country could, in fact, precipitate a "cyber war"?

     

    reply to this | link to this | view in thread ]

  18.  
    icon
    Jimmy the Geek (profile), Aug 27th, 2010 @ 3:07pm

    Windows is not secure.

    Never ever ever put anything with any security classification on a windows box. Never ever ever put anything classified on a computer hooked to a network.

    Problem solved.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    freak, Aug 27th, 2010 @ 8:35pm

    Re: Windows is not secure.

    Well, there's something called encryption.

    An example of a secure networked system:
    Keep a network with the data, and one with the decryption key. The data can be an open network. The decryption is a closed network. For example, a laptop without wireless capabilities.

    Get a computer, read the data. Disconnect from data network, connect to decryption, read data. Disconnect, then flush intermediary computer.

    Without ever guaranteeing that there will not be a virus, (heck, put as many on there as you'd like), the virus has no way to send back meaningful information to anybody.


    Bonus points if the encryption is OTP.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Aug 27th, 2010 @ 9:54pm

    There Is No Excuse

    Any part of any government organization, that is supposed to be serious about security, world wide, which is still using Windows, needs to have its most senior officers sacked. The fact, that Windows has the worst security reputation of any operating system, is very well known. The fact, that Windows is the favorite target of computer criminals everywhere, is also very well known.

    There is no excuse for senior officers not knowing and acting on these facts. They need to be told from the highest political levels, "Shape up or ship out!" Unless the politicians are willing to develop the political will to make sure the job gets done properly, then the job will continue to be done badly. Politicians are perfectly capable of sacking very senior officers, when they have the will. Hold the politicians accountable.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Dick Wood, Mar 30th, 2012 @ 12:06pm

    Unicorns

    Why does my cock hurt so much? It won't go down. Argghhh, nurse..... Please help....

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This