August 31, 2007:
U.S. Department of Defense
security officials were rather disturbed recently when they discovered that
military personnel were getting targeted emails from hackers. If the soldier
tried to open the attacked file, their computer who have hacking software
secretly installed. This software would basically give the hacker control of
that PC, making it possible to monitor what the user does on the computer, and
have access to whatever is on that machine. While many troops sense that the
"spear fishing" (or "phishing") attack is just that, some don't, and
it only takes a few compromised PCs to give someone access to a lot of secret
information. This would be the case even if it is home PCs that are being
infected.
The Department of Defense has 11 million Internet
users, five million PCs and 12,000 networks, and is the largest Internet user
on the planet. In addition, there are millions of home PCs used by military and
government personnel. Security researchers are trying to find out what kind of
list (of military email addresses) was compiled for these attacks, and where
the lists came from. These attacks could be in search of classified
information, or attempts to set up military networks (with software that will
take these systems down) for a future attack.
All the services are scrambling to get their Cyber
War defenses strengthened. The U.S. Air Force is trying to establish itself as
the primary Cyber War organization in the Department of Defense, but in a case
like this, the best defense is alerting and training individual troops.