More information on Titan Rain (“Hack attacks”)



Earlier this year there was an article or two about a rumored “hack attack” that was ongoing against US Government (and contractor) computer systems. The stories claimed that the attacks seemed to be coming from China. Today I’m seeing a couple of articles on the topic. First up is an AFP story on the problem; it sounds as though little attention has been paid to hardening systems. There is speculation that the Chinese military is involved in the break-ins. One incident was very neatly and methodically done, planting a backdoor in 30 minutes.


It’s possible that military flight planning software was copied. What seems to be the worst is that any incidents that happen are being kept secret. (I don’t have a problem with it being secret from the general public, but you would think the organization would see the problems and take BIG steps internally to deal with them.) The only improvements in security seem to be in the Air Force information systems.

As to the origin of Titan Rain….

The attacks have been traced to the Chinese province of Guangdong, and the techniques used make it appear unlikely to come from any other source than the military, said Alan Paller, the director of the SANS Institute, an education and research organization focusing on cybersecurity.

Meanwhile… CIO today has an article on a lack of IT security training in the US making the US more vulnerable.

The SANS Institute warned that U.S. government, military contractor, and bank computer systems are facing a barrage of attacks from overseas hackers, and that network-security management lacks the training to mount an adequate defense.

“American government and corporate computer systems are being riddled with online attacks,” said Alan Paller, director of research at Bethesda, Maryland-based SANS. “But there is a culture of secrecy, and government departments, defense contractors, and banks are not talking about the attacks.”

Further… he gives a scary real story…

“In one government department, I saw a member of staff downloading an upgrade to Internet Explorer on his PC,” said Johannes Ullrich, chief technology officer at the SANS Institute’s Internet Storm Center. “I was monitoring his network connection using intrusion-detection software. I noticed that his computer had been redirected to a Web site in Eastern Europe and was downloading code from that site.”

I’m not terribly surprised, really. I’ve worked on computers in a good number of small to medium-sized organizations, and most of them have received no training whatsoever. I’ve often wondered if larger organizations with an actual IT staff are able to have any training. (DO this, DON’T EVER do that…) Sadly, I suspect that the answer is NO. In many cases there’s such a desire to offer “new services” (I’ll bring in a wireless access point and we can give everyone wireless internet access) that security is never really on the list of considerations. I remember one place in particular seemed somewhat put out that I insisted on an encryption key and MAC address filtering for their wireless LAN.

Of course, the real threat of such “weak network security” is not usually in the realm of people getting hurt (unless someone’s foolish enough to intertie VITAL services to internet-connected machines). The real damage is economic: lost information, identity theft, military secrets (or at least sensitive information). However, it’s not unimaginable to paint a scenario where the loss of information puts lives in jeopardy. We really need to teach people about networked computer security.
