Hacking Ghost Stories



There have been a variety of reports lately on “Titan Rain”, an apparent cracker attack on US military computers that may have originated in China. The story orginally surfaced in the Washinton Post which reported that “Web sites in China” (1) were being used attack “hundreds of unclassified networks” run by the DoD and the US Government. Complete with the usual whispers and officials refusing to comment the articles notes that China may only be the last traceable hop and that only “low risk” computers were compromised.

TIME Magazine (pdf , local archive) then picks up the story and focuses on Shawn Carpenter, a mid-level analyst at Sandia National Laboratories, who claims to have counter-cracked the attackers and pinpointed their location to three routers in China’s Guangdong province. TIME then states the following:

TIME has obtained documents showing that since 2003, the hackers, eager to access American knowhow, have compromised secure networks ranging from the Redstone Arsenal military base to NASA to the World Bank. In one case, the hackers stole flight-planning software from the Army.

It is unclear if “the hackers” are the same alleged Chinese hackers or if this is just a summary of the many attacks on DoD and US Government systems that Lt. Col. Mike VanPutte, vice director of operations of the Joint Task Force for Global Network Operations under the U.S. Strategic Command, attributes to the increased used of downloadable attack tools, which presumably, there are security patches for. In effect, there are increased attacks (i.e. scans or attempts to use known exploits) against Internet-connected, low risk, computers.

This story is eerily familiar.

Moonlight Maze is a continuing story that surfaced in July 1999 about a secret cyber-war aimed at the Pentagon and possibly conducted by the Russians or Chinese. It first appeared in the London Sunday Times in an article by James Adams. The story relied on unnamed sources and claimed that “some of the nation’s most sensitive military secrets, including weapons guidance systems and naval intelligence codes” had been stolen. However, a story in Federal Computer Week refuted these claims by citing yet more unnamed DOD and pentagon officials as calling recent media coverage of Moonlight Maze “a combination of outright fabrications, distortions and incorrect quotations,” and that military secrets had not been compromised.

The Moonlight Maze story re-surfaced after the Sept 11 attacks. USA Today ran a story about Moonlight Maze but in this version the theft of secret data “may be the work of terrorists” or someone working with terrorists.

Titan Rain and Moonlight Maze are amazingly similar ghost stories. In effect, the same story had been told and re-told, with substituted attackers, since at least 1999. I call FUD.

(1) Websites? Hmm… thats some badass HTML :)

Post a comment.