China Hacked a Navy Contractor and Secured a Trove of Highly Sensitive Data on Submarine Warfare (washingtonpost.com) 112
Ellen Nakashima and Paul Sonne, reporting for The Washington Post: Chinese government hackers have compromised the computers of a Navy contractor, stealing massive amounts of highly sensitive data related to undersea warfare -- including secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020, according to American officials. The breaches occurred in January and February, the officials said, speaking on the condition of anonymity to discuss an ongoing investigation. The hackers targeted a contractor who works for the Naval Undersea Warfare Center, a military organization headquartered in Newport, R.I., that conducts research and development for submarines and underwater weaponry. The officials did not identify the contractor. Taken were 614 gigabytes of material relating to a closely held project known as Sea Dragon, as well as signals and sensor data, submarine radio room information relating to cryptographic systems, and the Navy submarine development unit's electronic warfare library. The Washington Post agreed to withhold certain details about the compromised missile project at the request of the Navy, which argued that their release could harm national security.
Heard this before (Score:4, Informative)
... it was in the book 'The Cuckoo's Egg'.
Re: (Score:2)
I was about to post this, but you were first.
Re: (Score:2)
P.S.=> Great read that book - imo, it ought to be required reading for security pros (can wipe logs all day, try it on a mirrored log AND a printer putting it out on paper the way Stoll did to trap East Germans & KGB w/ evidence they could NOT wipe)... apk
I agree, it should be required reading, or part of Sysadmin Employee Handbook.
You can make append only files, FWIW, which could be useful for logging in this way. Nothing stopping someone who gains root from rebuilding the FS though, just gives them another task and need to reboot the system. Printers run out of paper eventually.
Was a very awesome book, I should read it again.
Re: (Score:2)
Nothing stops Root from resetting append access only (I do it in the program I noted to Mr. Stoll himself during the File Open (as append, reset etc.)/Read-Write/Flush-Close cycle either really IF you think about it...
Same goes for diverting where the print goes. Difference is though, if both are attacked, you have some chance of grepping the logs, grepping print output takes a much longer as eyeballs don't work as fast. This assumes you can do something with it afterwards. On a laser, I'm not sure, but if you close the print fd file, I think it ejects the page. On line printers, this isn't as much an issue. If there is a large (page) buffer, then I think there's some chance that the lpd could be -9'd thus nothing gets w
Re: It would be news if they didn't try (Score:1)
This isnt new and hasnt been stopped regardless of who POTUS may be. The US just takes the hit without ever retaliating.
Re: (Score:1)
Your Trump ButtHurt is so bad, you'll need an ass transplant in 2024
Could harm national security? (Score:4, Informative)
I think that horse has bolted and is grazing happily in a field right now.
You'd think a defense contractor would know not to store top secret information on internet accessible machines but I guess there's stupid in every organisation.
Re: (Score:3)
Yeah they were probably internet attached using Windows 7 Pro instead of the much more secure Windows 10 Enterprise
Re: (Score:1)
Hey! They used store it behind a Cisco firewall. That's safe, right? right?
Re: (Score:2)
yeah the only issue with those cisco firewall is the breathing of the NSA I hear when on my cisco phone, but yeah they are tight as a drum for security.
Re: (Score:2)
You'd think a defense contractor would know
They have a really good example [fedscoop.com].
Re: (Score:2)
They make "offers" for "cash" to a contractor and wait to see what the contractors does.
Report all details as told to?
Accept the offer?
So many contractors now. The few FBI agents with accents and the same security clearance level have so much work to do all over the USA.
Re: (Score:2)
Top secret? I doubt it. The WaPo article that the /. post links to says "The data stolen was of a highly sensitive nature despite being housed on the contractor’s unclassified network. The officials said the material, when aggregated, could be considered classified..." So if the "officials" are telling the truth, there wasn't any classified material there.
The "aggregated" statement is the notion that if you put enough of the right unclass material together, it becomes classified. I know a little a
Re: (Score:1)
"The Washington Post agreed to withhold certain details about the compromised missile project at the request of the Navy, which argued that their release could harm national security."
So letting Americans know what the Chinese know is a threat. That's hard for me to understand.
Re: (Score:2)
For better or worse, I think that's standard procedure in cases like this. Maybe they meant they didn't want the Russians, Koreans and Iranians to get a hold of the information too.
Some on this /. page have suggested this might have been a honey pot, with misleading information. I have no idea, but that would be comforting :-).
Here Come The Chinese Knockoff Submarines! (Score:3, Interesting)
Re: (Score:1)
an AyePhone X
Aren't those made in Scotland?
Re: (Score:2)
I'm sure that the Chinese government has the same standards of quality as the factories that churn out cheap knock-offs of consumer products, amirite?
Sea "Dragon"? honeypot? (Score:2)
Re: (Score:2)
Lol no.
Sorry guys (Score:2)
NSA, traitors to the USA (Score:4, Insightful)
Just to remember. There was a time, long ago, when lots of security features were being developed and the NSA and other US security agencies intervened to make that more difficult.
Now, when Trump starts some needless, stupid war against China, many American servicemen's lives will be lost because the NSA failed to do it's basic job - secure the communications and information of the USA. Or more likely, worse, the Chinese will feel bold enough to close off free navigation through the south China sea and eventually be powerful enough to destroy the US economy.
It's not that they weren't warned. They still did it and there are still traitors demanding backdoors in encryption.
Seriously? (Score:4, Insightful)
Re: (Score:3)
Prove to me it wasn't intentional espionage. There's a million ways for a mole to plausibly leak sensitive information without the mole being discovered.
Re: (Score:2)
Re:Seriously? (Score:4, Interesting)
I have a hard time believing that in 2018, the gov't & its contractors, aren't locking down national security military secrets better than this. It's so close to unbelievable to me, that I have to wonder if this is misinformation left on a honeypot server. If the US gov't is really this loose with their classified information at this point in history....
I tell myself the same thing.
I'm almost willing to bet this is a honeypot operation and the leaked data is otherwise useless or better yet has faults built in that we can manipulate.
If not, there better be extreme punishments involved for the contractor in question and it should be through the military court system.
And how in the hell do they not notice 614 f*cking GIGABYTES of data being transferred? Their sysadmin just sat there and thought, "Derp derp, I wonder who is transferring so much data to IP addresses based in the far east?"
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
Not unlikely. (Score:2)
I know someone first hand who had been translating plans and manuals for cruise missles for a NATO partner country. That was 3 years before there was an official vote to decide wether these would be stationed or not. In the 80ies the peace movement launched large-scale protests agains the CMs, argueing that they could carry nukes. Which is nigh pointless in such a high precision weapon. Word had it that the peace protests where funded and organised by CIA blackops to make the CMs more scary and have the loc
"sensitive" not the same as "classified" (Score:5, Informative)
The rules for protecting Sensitive data are less stringent than for actually Classified data. (And just because some reporter uses the word 'secret', I'm not convinced from this article that the material was actually classified.)
If classified data was actually placed on a machine that was not properly secured, multiple people should go directly to jail. If this was a breach of a contractor system with 'FOUO' sensitive (but not classified) data, then there's a much higher bar for 'go to jail.' That being said, I'd fully expect there to be substantial consequences against the contractor, up to being kicked off and forbidden to bid on subsequent contracts.
Re: (Score:3)
An article I read called the data "sensitive", which in itself does not mean anything.
What I gleaned is that the data was unclassified, but when aggregated together, classified information can be gleaned from it.
You seem to have the idea, but for the sake of others here, this is an example that is not a car analogy:
Materials A & B, processes C, C', & C'' and product D are all unclassified
Which process you use affects the end quality/effectiveness/cost of D.
So we have a list of studies on A and B on
Re: (Score:3)
And that's a real issue with technical data like this. On the one hand, there's the risk of aggregation that yields classified results. That would in theory make the system holding -all that data (or a set of systems that can be 'joined' to yield the result) classified. On the other hand, there's the problem in deciding just how much aggregation yields a classified result, and then the consequences of -making that decision-. Working in a classified environment is hard (costly and very inconvenient), the
Re: (Score:2)
And the alternative is...? I seem to remember a case I read once but somebody (given the time frame, probably the Russians) was collecting data on overtime pizza delivered to intelligence agencies. And I can sorta understand that, every time they discovered something big you'd have people working around the clock to figure it out. I can understand why you'd want to keep that a secret, on the other hand it's really hard for accounting and everyone else to pretend it didn't happen.
Re: (Score:2)
We had discussions in my (nuclear-capable) National Guard artillery unit (during the Cold War, when every artillery unit trained for that mission) whether the Chaplain's Visitation Schedule should be classified, because it might reveal the location of the firing batteries.
doesn't pass the smell test (Score:4, Insightful)
So they were exfiltrating 10 Gigabytes a day from the contractor's network and nobody noticed?!!
Re:doesn't pass the smell test (Score:4, Interesting)
The part that struck me as ludicrous was the "secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020".
You can't get a new stove approved for submarine use in two years, much less develop and certify a new missile....
Re: (Score:3)
The USA has had torpedo tube launched anti-ship missiles for decades.
Ours pop out of the water, the Russians create a bubble in front of theirs and haul ass in the water. Ours can turn.
Re: (Score:2)
Yeppers. And the process for developing & approving a new one takes longer than two years. MUCH longer than two years.
Re: (Score:2)
Updated blocks on the other hand...development of an updated version in four years isn't insane. Especially as we don't know how far along the development is.
Re: (Score:2)
The part that struck me as ludicrous was the "secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020".
You can't get a new stove approved for submarine use in two years, much less develop and certify a new missile....
If there was 617 GB of data sitting there to be pilfered, they must have been working on it a good while.
Re: (Score:2)
So they were exfiltrating 10 Gigabytes a day from the contractor's network and nobody noticed?!!
No problem: sneak one 256 Gig microSD card per day for 3 days.
Maybe stuck it up his ass.
don't wory they will get pardoned for $$$ (Score:3)
Blind Man's Bluff (Score:2)
If you want to know a lot about development of nuclear submarines and assorted espionage (mostly Russia/US though), look up Blind Man's Bluff on Amazon. Great book.
what does Apple do? (Score:2)
Re: (Score:1)
Uhhhh (Score:2)
The Washington Post agreed to withhold certain details about the compromised missile project at the request of the Navy, which argued that their release could harm national security.
Yeah, it might get out to the Chinese.
Better call NCIS (Score:2)
Really, is anyone even surprised at any of this shit anymore? Everything is hackable now, nothing is safe. Remember that at least half of us has had ALL of their financial data stolen from them in the Equifax breach, and by now there's probably a million copies of all of that floating around the world. Meanwhile dickheads in the EU and corporate assholes here in the States are more concerned about 'losing profits to piracy
Re: (Score:2)
Everything is hackable now, nothing is safe.
Particularly if it is Windows.
Things have got to change.
Installing or using Windows in government should be a firing offence.
Navy should have ... (Score:1)
The Washington Post agreed to withhold certain details ... at the request of the Navy ...
... requested this of the goddam contractor.
Windows (Score:2)
Go ahead, tell me it's not Windows. Basically, Microsoft threw an election to Trump and national security to China.
Well, there's yer problem (Score:2)
FTFA: The data stolen was of a highly sensitive nature despite being housed on the contractor’s unclassified network.
You've got to assume that anything on a system that's attached to the internet is going to be compromised sooner or later.