Crackers Set Sights on Submarines
   by James Glave 
   5:02am  24.Apr.98.PDT
   The cracker group that claimed earlier this week to have stolen US
   Department of Defense networking software is gearing up to release
   another suite of sensitive programs.
   The group, called Masters of Downloading, or MOD, say that on 1 or 2
   May they will release a set of programs used to track and communicate
   with submarines.
   In an Internet relay chat interview Thursday with Wired News, a
   24-year-old Russian member of MOD said the group will release the
   submarine programs, "and more after that." He declined to identify
   himself and he would not elaborate on what the sub programs actually
   do -- stating only that "we have so much more to show you."

[No warning about the unreliable nature of IRC? Any 12 year old
 could claim to be with this group, and there would be no way of 
   "Information warfare is a very genuine threat," said the cracker, who
   claimed his group pilfered the networking software from a Windows NT
   server at the Defense Information Systems Agency (DISA).
   Yesterday, a DISA spokeswoman said that the theft of the software,
   called the Defense Information Systems Network Equipment Manager
   (DEM), in no way represented a threat to national security.
   "There is no national security risk posed by this being in the wrong
   hands," said Betsey Flood, who added that the intrusion was being
   treated as a "serious matter."
   "The software is an unclassified application, it does not contain
   classified information, and it does not perform control of classified
   systems," said Flood.
   But the MOD member said that DISA was playing down the threat.
   "The DEM may be unclassified, but the information it can give can lead
   to highly classified data being compromised," the cracker said.
   "The fact that the DEM software was fully configured makes all the
   difference -- we know the servers and networks that it connects to and
   we also had a lot of logs and generated reports from when it was run
   previously," he said.
   To prove his point, he outlined exactly how the configured software
   could be exploited.
   "We could launch the DEM program using the DISA systems as a trusted
   gateway, thus gaining very important router/repeater information about
   the DISA," he said.
   "We could then either reconfigure/shut down the equipment, or attempt
   to compromise it to change routes through systems we 'own,' then sniff
   from the owned DISA boxes," he said, describing a process of setting
   an invisible recorder to capture keystrokes or network traffic on a

[This still doesn't describe any REAL threat to controlling
 submarines. This is careful wording aimed at hyping the software by
 giving vague 'we can do this' type statements.]
   But a system administrator with the Department of the Air Force said
   that the group's claims are overblown.
   "So what if they stole a copy of the software that the Department of
   Defense uses to manage its networks. All that it shows is that the
   DOD has to pay millions to software companies for obscure software to
   manage its networks instead of buying off-the-shelf software like NT
   or Novell," said the sysadmin, who spoke on condition of anonymity.
   "If it is just a simple tracking program that says 'this sub is going
   out over here,' then it's no big deal.... But if it had operational
   information like where the subs were, or where their missiles are
   targeted -- then that's something to be concerned about," the
   administrator said.
   The MOD member said that he had been hacking for almost a decade, that
   he didn't worry about being caught, and that, as a hedge, he keeps all
   his private information cloaked with powerful 2048-bit encryption.
   Further, he said that he was browsing inside US Defense Department
   systems during the interview with Wired News.
   The hacker confirmed earlier reports that MOD did not have hostile
   intentions, and he brushed off earlier comments that the group could
   sell the sensitive software.

[Yet in another article, they claimed they could sell this and
 other software to international terrorists or hostile foreign powers..]
   "We spoke of selling it purely as an option to emphasize the DEM
   software's value when fully configured for operation with generated
   logs and reports, as the version we have comes with," he said.
   "Our goals are to demonstrate the power of 15 or so individuals over
   large organizations, through publicizing break-ins and data
   retrieved," he said.
   In February, US Attorney General Janet Reno announced that she would
   ask Congress for US$64 million to fund a new US center for fighting
   cybercrime. The National Infrastructure Protection Center would be a
   hub for a renewed counterattack on hackers around the world.
   "Janet Reno needs to stand back and take a reality check," said the
   "Any networked system cannot, and will not be entirely secure. It all
   depends how much of an element of 'human error' has been in the setup
   of the system through naiveté, etc.," he said.
   As previously reported, the US Department of Defense says it keeps
   top-secret communications on a network called SIPRNET that is
   physically disconnected from servers on the Internet.
   But MOD says they have found that is not always the case.
   "The administrative Naval Space Command systems are on the Internet
   and they contain a lot of 'interesting' data regarding weapons and
   communications technologies that are to be used by the DOD including
   energy weapons specifications," the hacker said.
   But the Air Force systems administrator remained unimpressed by the
   group's threats of potential cyberwar.
   "In the end, what does the theft of this software mean?" asked the
   administrator. "In the long run, not much. In the short term, the DOD
   will spend a few millions to tighten up computer security even more."
   "Does it affect the ability of the US military? Not at all.... even
   though the DOD likes to use computers, it's people and firepower that
   win wars. Computers only make the use of combat forces more
   effective," he said.
   Editor's Note: Because of the anonymous nature of IRC, the real-world
   identity of the MOD member in this interview could not be confirmed.

[So here is the warning. And despite the anonymous nature of IRC,
 it will not hinder them from printing this material.]

[ This is getting silly. The DoD leaves their software all over the place
  I remember a few years ago when I found an FTP site with a copy of SPI.
  SPI is a COPS like program that the DoE wrote and makes available only
  to DoE, DoD and their contractors. Search and you will find. - aleph1 ]