[Infowarrior] - BusinessWeek Cover: The New E-Spionage Threat

Richard Forno rforno at infowarrior.org
Fri Apr 11 00:21:05 UTC 2008


The New E-spionage Threat

A BusinessWeek probe of rising attacks on America's most sensitive
computer networks uncovers startling security gaps

by Brian Grow, Keith Epstein and Chi-Chu Tschang

The e-mail message addressed to a Booz Allen Hamilton executive was
mundane--a shopping list sent over by the Pentagon of weaponry India
wanted to buy. But the missive turned out to be a brilliant fake.
Lurking beneath the description of aircraft, engines, and radar
equipment was an insidious piece of computer code known as "Poison
Ivy" designed to suck sensitive data out of the $4 billion consulting
firm's computer network.

The Pentagon hadn't sent the e-mail at all. Its origin is unknown, but
the message traveled through Korea on its way to Booz Allen. Its
authors knew enough about the "sender" and "recipient" to craft a
message unlikely to arouse suspicion. Had the Booz Allen executive
clicked on the attachment, his every keystroke would have been
reported back to a mysterious master at the Internet address
cybersyndrome.3322.org, which is registered through an obscure company
headquartered on the banks of China's Yangtze River.

The U.S. government, and its sprawl of defense contractors, have been
the victims of an unprecedented rash of similar cyber attacks over the
last two years, say current and former U.S. government officials.
"It's espionage on a massive scale," says Paul B. Kurtz, a former
high-ranking national security official. Government agencies reported
12,986 cyber security incidents to the U.S. Homeland Security Dept.
last fiscal year, triple the number from two years earlier. Incursions
on the military's networks were up 55% last year, says Lieutenant
General Charles E. Croom, head of the Pentagon's Joint Task Force for
Global Network Operations. Private targets like Booz Allen are just as
vulnerable and pose just as much potential security risk. "They have
our information on their networks. They're building our weapon
systems. You wouldn't want that in enemy hands," Croom says. Cyber
attackers "are not denying, disrupting, or destroying operations--yet.
But that doesn't mean they don't have the capability."

A MONSTER

When the deluge began in 2006, officials scurried to come up with
software "patches," "wraps," and other bits of triage. The effort got
serious last summer when top military brass discreetly summoned the
chief executives or their representatives from the 20 largest U.S.
defense contractors to the Pentagon for a "threat briefing."
BusinessWeek has learned the U.S. government has launched a classified
operation called Byzantine Foothold to detect, track, and disarm
intrusions on the government's most critical networks. And President
George W. Bush on Jan. 8 quietly signed an order known as the Cyber
Initiative to overhaul U.S. cyber defenses, at an eventual cost in the
tens of billions of dollars, and establishing 12 distinct goals,
according to people briefed on its contents. One goal in particular
illustrates the urgency and scope of the problem: By June all
government agencies must cut the number of communication channels, or
ports, through which their networks connect to the Internet from more
than 4,000 to fewer than 100. On Apr. 8, Homeland Security Dept.
Secretary Michael Chertoff called the President's order a cyber
security "Manhattan Project."

<snip>

http://www.businessweek.com/magazine/content/08_16/b4080032218430.htm





