DOD Promises to Defend the Networks They Failed to Defend after 2008
There’s something hysterical about the promise a Quantico spokesperson made that DOD would take any threats to its IT networks–in this case, threats made by Anonymous–seriously.
A Quantico spokesman, Lieutenant Agustin Solivan, said officials had referred the matter to law enforcement and counter-intelligence agencies. “We are aware of the threat and any threats to defence department information systems and networks are taken seriously,” he said. “The intent or stating that you are going to commit a crime is a crime in itself,” he added.
You see, back in 2008, DOD got badly hit by malware introduced via a thumb drive or some other removable media. And in response, DOD instituted measures that–it said–would clear up the problem.
The Defense Department’s geeks are spooked by a rapidly spreading worm crawling across their networks. So they’ve suspended the use of so-called thumb drives, CDs, flash media cards, and all other removable data storage devices from their nets, to try to keep the worm from multiplying any further.
The ban comes from the commander of U.S. Strategic Command, according to an internal Army e-mail. It applies to both the secret SIPR and unclassified NIPR nets. The suspension, which includes everything from external hard drives to “floppy disks,” is supposed to take effect “immediately.”
[snip]
Servicemembers are supposed to “cease usage of all USB storage media until the USB devices are properly scanned and determined to be free of malware,” one e-mail notes.
Eventually, some government-approved drives will be allowed back under certain “mission-critical,” but unclassified, circumstances. “Personally owned or non-authorized devices” are “prohibited” from here on out.
In other words, back in 2008, an enemy force attacked DOD’s IT system using an embarrassing security vulnerability. In response DOD immediately banned all removable media. That ban was supposed to be permanent on classified networks like SIPRNet.
Just over one year later, a low-ranking intelligence analyst in Iraq brought in a Lady Gaga CD, inserted it into his computer attached to SIPRNet, and allegedly downloaded three huge databases of classified information.
Throughout the WikiLeaks scandal, DOD has been the functional equivalent of someone who, just weeks after getting cured of syphilis, went right back to his old ways and–surprise surprise!–got the clap, all the while denying he bore any responsibility for fucking around.
According to Bradley Manning’s description, there was a virtual orgy of IT security problems at his base in Iraq.
(01:52:30 PM) Manning: funny thing is… we transffered so much data on unmarked CDs…
(01:52:42 PM) Manning: everyone did… videos… movies… music
(01:53:05 PM) Manning: all out in the open
(01:53:53 PM) Manning: bringing CDs too and from the networks was/is a common phenomeon
(01:54:14 PM) Lamo: is that how you got the cables out?
(01:54:28 PM) Manning: perhaps
(01:54:42 PM) Manning: i would come in with music on a CD-RW
(01:55:21 PM) Manning: labelled with something like “Lady Gaga”… erase the music… then write a compressed split file
(01:55:46 PM) Manning: no-one suspected a thing
(01:55:48 PM) Manning: =L kind of sad
(01:56:04 PM) Lamo: and odds are, they never will
(01:56:07 PM) Manning: i didnt even have to hide anything
(01:56:36 PM) Lamo: from a professional perspective, i’m curious how the server they were on was insecure
(01:57:19 PM) Manning: you had people working 14 hours a day… every single day… no weekends… no recreation…
(01:57:27 PM) Manning: people stopped caring after 3 weeks
(01:57:44 PM) Lamo: i mean, technically speaking
(01:57:51 PM) Lamo: or was it physical
(01:57:52 PM) Manning: >nod<
(01:58:16 PM) Manning: there was no physical security
(01:58:18 PM) Lamo: it was physical access, wasn’t it
(01:58:20 PM) Lamo: hah
(01:58:33 PM) Manning: it was there, but not really
(01:58:51 PM) Manning: 5 digit cipher lock… but you could knock and the door…
(01:58:55 PM) Manning: *on
(01:59:15 PM) Manning: weapons, but everyone has weapons
(02:00:12 PM) Manning: everyone just sat at their workstations… watching music videos / car chases / buildings exploding… and writing more stuff to CD/DVD… the culture fed opportunities
Incidentally, note that no one has been fired for having left SIPRNet open to the same vulnerability that had already been targeted in a hostile attack? It’s all Bradley Manning’s fault. Sure, DOD was fucking around. But it can’t be held responsible!
So now, weeks after HBGary emails made it clear that DOD and DOJ and CIA were already investigating Anonymous, they’re telling us they’re investigating. For real now.
And don’t you worry! Ain’t no way Anonymous can hurt them. Because they know how to defend against such threats.
The only use for a USB socket in a secure environment is as a superglue receptacle. Some would say that’s the ONLY use.
But as long as there are soldiers who take their oath seriously, whistleblower data WILL find a way out.
The only way for DoD to secure their networks is to make sure that only people with flexible ethics and the proper political viewpoint have access.
Boxtyrtle (Hey, waitaminnit….)
Intent is only one element of a crime. If intent alone were sufficient, half of divorcing spouses would be in the slammer. Generally intent has to apply to an act and its consequence, it has to occur at the same time as act(s) taken in furtherance of a crime, and those acts have to cause the crime itself, such as an unlawful killing or gaining unauthorized computer access.
As much as this administration and its plethora of vendors seem to want it to be so, thought crimes do not yet exist.
For Ross Douthat or visiting Teabaggers, the “clap” is ordinarily a slang expression for gonorrhea, not syphilis, which is more deadly. Both are easy to avoid and just as easy to spread, as in the DoD’s case, by refusing to take the most routine of preventive measures.
Have you been practicing “Safe Data”?
It’s the last entry in the exchange quoted that gets you, isn’t it? The picture is of a totally uncontrolled environment, where basically no one gives a shit. I bet the guys in Foggy Bottom are still truly pissed off that their “secret” exchanges were in the hands of people on the ground in Iraq who were totally careless and useless. The real guilt (if there is any) of Bradley Manning’s efforts lies with the useless chain of command who let him do it through sheer, idle, useless incompetence. No I’m not holding my breath for them to be held to account.
Lieutenant Agustin Solivan = disinformation specialist
Either he’s a ‘moran,’ or he’s as big of a tool as Geoff Morrell (I’m leaning toward tool)
Manning trained at Fort Huachuca which is
At least part of their job is to do exactly what Manning allegedly did.
Watch this interview with John Young
http://www.youtube.com/watch?v=oMRUiB_8tTc
If you don’t want to watch it all, ff to around the 5:22 mark. Oblique reference to someone like Lamo at around the 6:00 mark
The Pentagon and DoD have bigger problems on their hands! A documentary about 9/11 will be released, that details how the United States Air Force, Boeing, United Airlines, Tomahawk Cruise Missiles, propt as airplanes, were used on the World Trade Centers and the Pentagon. You’ll see how a Bush family member orchestrated put options on Wall Street, to make the rich, richer! You’ll also see 87 billion dollars in gold bars being relocated, as the rest of the world was fixated on a controlled demolition! This is not a 9/11 conspiracy theory. Someone or someone’s took video to prove it.
WikiLeaks obtains much secret data from P2P nets, not leaks, firm claims
As ComputerWorld shows, they may not even have the right guy…..
Wikileaks home was on the Tor Network WikiLeaks Intercepted Private Communications via TOR proxy network, Maintains Access
Would you want DOD IT to protect your network when they don’t even know where the leaks came from?
800,000 users had access …which is going to be a real problem in proving Manning did it.
…which is why they need a confession.
No confession – No case
No Case – No Conviction
No Conviction – No one to blame but those in charge
The sheer quantity of data involved assures that there are unfortunate consequences for those who both do and deserve them, regardless of your vantage. There’s just that much data.
the fact this level of physical access was available to a PFC is indeed the core issue. There is no bulletproof technical solution.
I dunno, I bet they have better evidence of Manning’s involvement in the downloading than you think.
My SWAG is that they can show access – but they have absolutely nothing after that. According to the Lamo Logs, his computer was wiped “by the system” (zerofilled) before they could examine it for evidence. They don’t know how he got it out, Lady Gaga disks notwithstanding (shows how it MAY have happened, not that it DID happen that way). And they still have no chain of custody for the evidence to Wikileaks (yes, I know I’m reversing that one, but it’s just my mood today). Time for a “show cause” hearing.
Could be, we shall see. I am thinking they have better than that on Manning. Either way, the access is enough to put Manning away for a good long time.
I don’t think access is enough, certainly not enough for the big charges. Without dissemination, without a chain of disclosure, they are howling at the moon. Any defense lawyer worth their salt is going to say Manning was scapegoated, thousands of others had access, and Chinese intelligence networks were feeding the same data through the TOR networks. Without the chain they have bupkis.
There are several wrongful data accessing and/or transfer charges; they are gimmes and if stacked could put him away quite a while. Especially with a conduct unbecoming, which would be a given if there are convictions on the former.
Most of the previous discussion on this has been faulty. The laptop would not have BIOS settings allowing it to be booted from another disk, and probably would have used EFS (the Encrypted File System) to make such an attempt useless. USB would have been shut down by group policy, just as the ability to write to CD/DVD would have been. Remember, intelligence people are a little funky about access to their data. They tend to lock it down every which way they can. Note that the EFS stops you from taking the drive out (easy to do on a laptop) and reading it on another computer.
So how did someone get the data out? A clue comes from the “introduce software” (Hi, word, meet excel) portion of the indictment.
SIPRNET is one locked down little environment. You can’t run the wrong programs, you certainly don’t have the rights to install programs, and you can’t boot another operating system – what’s a leaker to do? Enter Linux. Specifically Damn Small Linux and Puppy Linux (there are other variations, but focus on the Puppy, OK?) Name the file whatever you want. Important, because if it isn’t on the list of allowed program names, it isn’t going to run. Browse the CD/DVD. This functionality can’t be disabled if they are going to distribute information that way (which they do – or so I’ve heard). So now you run the program, and get a fully functional Linux system, ON TOP OF EFS, able to read and write to the system devices at will. Now you can use K3b (the Nero of Linux) and burn the data from the file system back onto the disk.
There are two flaws with this scenario that I’m not going to reveal because the DOJ/DOD is undoubtedly listening. But suffice it to say that their IT skills won’t give them a hope of figuring it out anytime soon either. So nice of them to have zerofilled the only hope of evidence. Makes my day brighter already.
I think you are giving them too much credit. More like, they picked up a hitchhiker, then when they stopped to take a leak they asked him to hold their keys and wallet. So, when they come out of the restroom and discover their car is gone, they decide that the right thing to do is ban the use of cars.
The transcript you quote gives the names “manning” and “lamo”. Obviously, these transcripts have been transcribed from the actual transcripts which would use anonymous handles for the participants. According to your own analysis, I would be hesitant to even attribute any of the transcripts to manning. Lamo was most likely “encouraged” to cooperate with this while he was being held against his will on “psychological” charges.