On June 22, 2007, Defense Secretary Robert Gates acknowledged that the Pentagon’s network had been successfully attacked the previous Wednesday, and that this attack was responsible for a disruption in email service to some 1,500 Pentagon employees. At the time, Gates downplayed the attack, saying that it affected only the OSD’s (Office of the Secretary of Defense) non-classified e-mail service and that there was “no anticipated adverse impact on ongoing operations.” It seems that the adverse impact of the June attack may have been much greater than Gates’ early guidance implied. According to a top DoD technology official quoted at GovernmentExecutive.com, the thieves behind that attack seized an “amazing amount” of data.
New details on the attack itself have become available in the months since it occurred. According to Dennis Clem, CIO of the Pentagon and the OSD, the intrusion was first detected during an IT restructuring that was underway at the time. By the time it was detected, malicious code had been in the system for at least two months, and was propagating via a known Windows exploit. The bug spread itself by e-mailing malicious payloads from one system on the network to another. The messages themselves were spoofed and appeared to be legitimate missives from other employees. Once the recipient opened an infected e-mail, the worm sent that person’s password and other login credentials back to home base. (link)
0 Responses to “Chinese hacker to Pentagon: all your data belong to us”