70 likes | 163 Views
Cyber-Attack On Department Of Defense. By Blake Eifling. Overview.
E N D
Cyber-Attack On Department Of Defense By Blake Eifling
Overview Washington has reported that there has been a widespread attack on Defense Department computers that may have started in Russia. Military experts could not say whether the attacks were in direct relation to the Russian government or carried out by individual computer hackers. Although the military computers are often attacked by outside hackers with viruses and worms, this attack by the agent.btz worm was taken very seriously. In response to the attack, the U.S. Strategic Command has raised the security level while defense officials have ban the use of flash drives on military networks. The attacking program has been removed from a number of networks but officials have not yet cleansed the entire network. The Department of Defense would not describe the extent of the damage but did say that they are unclear on how the computers were infected. The agent.btz virus had been circulating nongovernmental computers for months prior to the attack on the DOD.
agent.btz Worm • Agent.btz is in the category of Malware ( Malicious Software ) • Agent.btz is not a new virus • Origin of virus is unclear • Worm virus – Virus that self-replicates to other programs and systems. • Agent.btz has the ability to spread through shared drives and networks. “..when a clean computer attempts to map a drive letter to a shared network resource that has Agent.atz on it and the corresponding autorun.inf file, it will (by default) open autorun.inf file and follow its instruction to load the malware. Once infected, it will do the same with other removable drives connected to it or other computers in the network that attempt to map a drive letter to its shared drive infected with Agent.atz – hence, the replication.” (Threat Expert) http://www.napera.com/blog/?p=202
Security Theater • Security theater consists of security countermeasures intended to provide the feeling of improved security while doing little or nothing to actually improve security. • This term is important in understanding some of the actions that have taken place within the DOD. • All flash drives were ban not only from the pentagon and DOD but in combat zones to prevent the spreading of the agent.btz worm. • This is theater because these actions only give the illusion of security and does nothing to prevent the spread of the virus since the virus can also be spread though networks.
Device Fears • With the resent attack on the DOD, flash drives have been banned from use within the Pentagon and other defenses offices. • Also in 1998 with the release of the toy Furby, the NSA banned the toy from NSA offices for fear that the toy would be able to listen and repeat classified information. • With these devices and toys many have fears that they might be coded with some sorts of malware. • Because of its ability to repeat what it hears, Security Agency officials were worried "that people would take them home and they'd start talking classified,'‘ • Both devices contain thousands if not more lines of code and are produced by large manufacturers and even other countries. • How do you know that any device is safe against such viruses? • So is banning these drives and toys really fixing and/or preventing the problem?
Comments/Quotes “ How do we know that it's not retaliation for an attack on Russian computers that originated from US military networks? “ “I'm not sure it matters. Whether US military computers were choosing to load and execute foreign code as a result of a foreign first strike, or a foreign counter-attack, we still have the situation that US military computers are loading and executing untrusted code, and apparently unsandboxed, so that it ended up mattering. No matter why the military computers were attacked, the fact that the attack worked proves incompetence. ” “ This is taking place during the transition between Administrations, so someone at the DoD hierarchy wants to make a show about how they are "protecting America" when everyone in the commercial sector dealt with the agent.btz trojan quietly months ago. “ “ I wouldn't put it past the MIC to exaggerate the risk of electronic attacks in order to manipulate the public. it certainly wouldn't be the first time the public was mislead about our nation's defense in order to funnel tax dollars into unnecessary defense projects. “
Discussion Questions • Is there any way to prevent the spread of such viruses like the agent.btz? • Will you have more reservations about what kind of flash drive you purchase?