hackers and Y2K

greenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread

As if Y2K isn't enough of a problem, we get to be concerned about the damage hackers can, and probably will, inflict. I got this while reading on http://www.y2knightmare.com/questionsfs.html

THE U. S. MILITARY HAS ADMITTED THAT HACKERS CAN SHUT DOWN THE U. S. POWER GRID AND MAJOR PORTIONS OF THE U. S. MILITARY A team of military hackers have proved that they can cripple the U. S. military and the U. S. power grid by using hacking programs available on the Internet. Both the U. S. military and the power grid are completely vulnerable. The Washington Times (4/16/98) described the operation: Senior Pentagon leaders were stunned by a military exercise showing how easy it is for hackers to cripple U. S. military and civilian computer networks, according to new details of the secret exercise.

Using software obtained easily from hacker sites on the Internet, a group of National Security Agency officials could have shut down the U. S. electric-power grid within days and rendered impotent the command-and-control elements of the U. S. Pacific Command, said officials familiar with the war game, known as Eligible Receiver.

The attack was actually run in a two-week period and the results were frightening,said a defense official involved in the game. This attack, run by a set of people using standard Internet techniques, would have basically shut down the command-and-control capability in the Pacific theater for some considerable period of time.

The secret exercise began last June after months of preparation by the NSA computer specialists who, without warning, targeted computers used by U. S. military forces in the Pacific and in the United States.

The game was simple: Conduct information warfare attacks, or inforwar,on the Pacific Command and ultimately force the United States to soften its policies toward the crumbling Communist regime in Pyongyang. The hackers posed as paid surrogates for North Korea.

According to U. S. officials who took part in the exercise, within days the team of 50 to 75 NSA officials had inflicted crippling damage. They broke into computer networks and gained access to the systems that control the electrical power grid for the entire country. If they had wanted to, the hackers could have disabled the grid, leaving the United States in the dark.

Groups of NSA hackers based in Hawaii and other parts of the United States floated effortlessly through global cyberspace, breaking into unclassified military computer networks in Hawaii, the headquarters of the U. S. Pacific Command, as well as in Washington, Chicago, St. Louis and parts of Colorado.

The attacks were not actually run against the infrastructure components because we don't want to do things like shut down the power grid,said a defense official involved in the exercise. But the referees were shown the attacks and shown the structure of the power-grid control, and they agreed, yeah, this attack would have shut down the power grid.

The attackers also foiled virtually all efforts to trace them. FBI agents joined the Pentagon in trying to find the hackers, but for the most part they failed. Only one of the several NSA groups, a unit based in the United States, was uncovered. The rest operated without being located or identified. [End of Times article]

-- linda (smitmom@hotmail.com), March 16, 1999

Answers

Linda,

http://www.msnbc.com/news/ 246801.asp

Hackers Have Launched 100 cyber attacks a day, says official. "In a speech last November, National Security Council Terrorism Coordinator Richard Clarke said Department of Defense Web sites are being visited regularly by foreign governments. U.S. officials said none of these nations is believed to have aggressive plans and attribute their "pinging" of sensitive systems to an extension of their economic espionage activities. In speeches and interviews, Clarke has been unsparing in his declarations of the threat. He told the New York Times in a recent interview: "I'm talking about people shutting down a city's electricity, shutting down 911 systems, shutting down telephone networks and transportation systems. You black out a city, people die. Black out lots of cities, lots of people die. It's as bad as being attacked by bombs."..... Hmmm.... Couldn't that also be said of Y2K failures that might black out a city, people die. Y2K failures that black out lots of cities, lots of people die. Officials seem to be able to apply strong consequences when related to cyber-terrorism, but not to Y2K failures.

-- MS (awareness@y2k.com), March 16, 1999.


PS

Good thread Linda.

-- MS (awareness@y2k.com), March 16, 1999.


Maybe I've been living in the dark ages already, but it occurs to me that even if Y2K doesn't pan out to be much of a problem, we will definately have many problems anyway because of cyberterrorists ready, willing and able to take advantage. I don't think we have much of a chance to get through this in one piece - as a society, that is. Good Luck to us all!!

-- linda (smitmom@hotmail.com), March 16, 1999.

This simply points up the fact that all of us have to maintain the capability to survive without electricity and many of the goods and services we now rely upon. To do otherwise is foolish, and could well cost the lives of you and your family.

The more complex the world gets, the more it seems that as a civilzation, we are playing a game of Russian roulette with five loaded and one empty.

-- sparks (wireless@home.com), March 16, 1999.


What this points out is the absolutely silly position the federal government has on encryption. They insist on maintaining a huge national security apparatus that (as the article demonstrates) is incapable of securing the nation. At the same time they hold back the advancement of reasonable security measures by the private sector.

Security for uncle sam, the rest of you will have to fend for yourselves, oh, and we dont want you to have any effective tools to do it either.

-- Commiebastards (hitler@reich3.org), March 16, 1999.



you know, a recession (or depression), though it would hurt, is not terribly frightening. I'm psychologically prepared for it as a possiblity. But the thought of what bunches of serious and very non-civic hackers (around the world) might dream up with a year or two's planning is a bit chilling. My preparation seriousness has just jumped up a few notches, even if it's a low probability (which isn't sure at all).

-- so and so (chilledto@the.bone), March 16, 1999.

John Adams new book-THE NEXT WORLD WAR- documents the frightening exercise by the Joint Chiefs of Staff which showed that we are more vulnerable to military deafeat than ever because of cyber terrorism that we simply cannot stop.I recommend this book highly as it is fact- filled,balanced,andeye-opening.Y2K and cyber attacks could be a devastating combination to the USA

-- Dennis Chornomaz (Dchorno@aol.com), March 16, 1999.

I'm of a mind to view the "fear the cyber-terrorist, fear the hacker" line as a red herring designed on purpose to get people fearing things they have no control over. Focus on family preparation and self-sufficiency, neighborhood viability...The government of the US has invited the hacker play babies by dumping all the infrastructure systems into one very vulnerable handbasket...Our problem is to make communities that can survive without all that. Harumph...geez, must be time for a nap, I'm getting cranky.

-- Donna Barthuley (moment@pacbell.net), March 16, 1999.

You Morons !!!

Get this...

Since the early 80's, the press has used the term "hacker" to mean a malicious security breaker, someone who likes to break into computer systems for fun. This is not a hacker at all. This is in fact a cracker.

Hackers rather, are people who like to break out of boundaries and find solutions to problems. Hackers not only exist in the software community, they are musicians, engineers, artists. You can find hackers in almost any field. Here, we discuss mainly the software hacker: a person who enjoys programming and exploring computers.

Hackers are the people who built the internet. They created Unix. They made the world wide web work. Without the work of hackers you wouldn't be viewing this page today, and I wouldn't have written it. The modern world owes a lot to hackers.

As a matter of fact, here are the definitions of hacker and cracker as defined by RFC 1983:

cracker

A cracker is an individual who attempts to access computer systems without authorization. These individuals are often malicious, as opposed to hackers, and have many means at their disposal for breaking into a system. See also: hacker, Computer Emergency Response Team, Trojan Horse, virus, worm.

hacker

A person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular. The term is often misused in a pejorative context, where "cracker" would be the correct term. See also: cracker.

And I thought you people were supposed to be immune to government spin. You lot are a joke.

-- (a@true.hacker), March 16, 1999.


Sorry if I mis-used a term. I know several hackers and they are all good, upstanding people and always very helpful with my computer problems. My fear is the cyber-terrorists and what they may do. There is a lot out there that they can play with that can cause much trouble for the world: nuclear weapons to name only one.

-- linda (smitmom@hotmail.com), March 16, 1999.


To "a true hacker"....thanks for the lexicon....you'd receive more welcome here if you didn't start out posts with ad hominem attacks....People tend to knee-jerk when you open posts with "You morons!!"

Thanks again...care to address my comment about gubmint propaganda about cyberterrorism and its relevance in the Y2K times?

-- Donna Barthuley (moment@pacbell.net), March 16, 1999.


a@true.hacker is absolutely right, aside from the hey morons bit. I'm not a hacker or a cracker but I have known one or two. This doesn't make me an expert. I can say with conviction that these people, for the most part, aren't malicious anarchists hell bent on destroying the world.

I seriously doubt that the DOD would admit that they are having these problems without some other motivation. I'm a little worried that this type of thing is being used to make the cyber-terrorist bills shoot through the system.

Actually, I wish that the hacker community would be more vocal about these issues. These people could be a real asset to anyone trying to find flaws in their systems.

Free Kevin!!!

-- d (d@usedtobedgi.old), March 16, 1999.


OK, I apologise, I shouldn't have been so insulting. At least it got your attention though. I'll try not to do it again.

Donna, in my opinion, there is some threat from malicious groups or indivduals, but this is mainly due to lax security on the part of people who should know better. There are certain agencies who exaggerate this threat in order to push their own agendas, for the purposes of increasing their own power, or for financial reasons. My fear is that some may even blame Y2K problems on 'those evil hackers' to give themselves an excuse to do nothing to fix those problems...

If you are interested, there is an excellent site on the history of hackers http://firstmonday.org/issues/issue4_2/gisle/ I hope you enjoy reading it :-)

-- (a@true.hacker), March 16, 1999.


Moderation questions? read the FAQ