October 30, 1997

Russia, Cuba eyed U.S. computers

Defense Intelligence Agency details plots aimed at military

By Bob Windrem
NBC NEWS PRODUCER

WASHINGTON — The U.S. Defense Intelligence Agency has been trying to track hackers who might do harm to the nation's military computer system, and it issued a report in 1995 that describes two plots in this emerging field of warfare. The May 1995 report warned that Cuba was working on a computer virus to infect U.S. civilian computers and described an aborted KGB plan to do the same thing.

PRIOR TO THE August 1991 coup attempt in Russia, the KGB was developing computer viruses to disrupt computer systems "during times of war or crisis," according to the DIA report.

In Cuba, meanwhile, the Military Intelligence Directorate of the Ministry of the Armed Forces began trying to obtain information to develop a computer virus to infect U.S. civilian computers.

"Details of this specific endeavor are not known; however, the point is that such efforts continue to be made and could potentially cause irreparable harm to any nation's demise," the report says.

The existence of the Cuban plan was confirmed Friday by Amaury Caballero, an electrical engineer who came to the United States in 1992 after working as a professor at the University of Havana. Caballero said that while he was at the university, a team of fewer than 20 people was put together from the university, Havana's Higher Polytechnical Institute and the Cuban Academy of Sciences. "I know they met at the Ministry of Defense in the Plaza de la Revolution in Havana," said Caballero, now a visiting assistant professor at Miami's Florida International University. "They met there frequently and trying to organize, to see how they can do that. They had different specializations; they had electronic people, they had software people, computer network people, trying to find some way to do that."

ASSESSING THREATS TO THE MILITARY

Although there is no other information in the DIA report that specifies foreign interest in computer viruses, there is a great deal on the general nature of the foreign threat. The report was declassified and obtained under the Freedom of Information Act by William Arkin, an independent military researcher who focuses on national security issues related to the Internet.

Arkin says the disclosures in the report are the first he has seen related to specific foreign threats to the U.S. computer network.

"Previous to this, we have seen a lot of boilerplate discussion of what could happen without any specifics," said Arkin, who works out of a converted barn in Pomfret, Vt. "Much of what has been put out by the Pentagon and the intelligence agencies has been based on our capabilities, what we can do to the other side in a conflict."

In general, the report states that "the scope for the military use of malicious software, both strategically and tactically, is large, and as the offensive potential for this type of weapon becomes apparent, governments are more likely to become involved in malicious software research."

THE POWER OF OVERSEAS HACKERS

It also discusses the potential for damage from hackers who operate from overseas as an example of what even limited attacks can do.

It lists four incidents in which defense and defense-related computers have been subject to intrusions:

A 1980s attack by a group of hackers that operated out of Hannover, Germany, using telephone lines to gain access to more than 250 computer systems, including databases and networks hosted by at least 90 U.S. defense-related facilities. The subject of Clifford Stoll's book, "The Cuckoo's Egg," the group was reported to have shared some of its information with the KGB.

A series of attacks in 1990-91 by Dutch teen-agers on 34 Defense Department sites, including the Air Force Weapons Laboratory, the David Taylor Research Center, the Army Information Systems Command and the Navy Ocean Systems Command during the Gulf War. "They were snooping in sensitive rather than classified military information," the report says, adding the hackers "had exploited a trap door to permit future access and copied military information to unauthorized accounts on U.S. university systems."

A hacker entered several systems at the Lawrence Livermore National Laboratory in early December 1988, gaining system manager status. Since the hacker removed and altered audit records.

In June 1992, British authorities arrested a group of hackers and seized records showing that the hackers had obtained passwords for computers in places as distant as Finland and New Zealand. A review of information supplied by the British showed they had entered five Defense or defense-related computers.

According to the DIA's assessment, the nation's military computer systems are vulnerable to what it considers a growing threat.

"The reliance on computers, automated weapons, and other automated systems critical to the performance of military missions has grown tremendously in recent years. … Computer viruses and other malicious software are already pervasive throughout the world, and the capability for its production is growing."