ROANOKE TIMES Copyright (c) 1996, Roanoke Times DATE: Thursday, May 23, 1996 TAG: 9605230079 SECTION: NATIONAL/INTERNATIONAL PAGE: A-1 EDITION: METRO DATELINE: WASHINGTON SOURCE: ASSOCIATED PRESS
Hackers infiltrate Pentagon computers more than 160,000 times a year, threatening ``catastrophic damage,'' but the military rarely detects and seldom investigates the interlopers, government investigators said Wednesday.
``At a minimum, these attacks are a multimillion-dollar nuisance to Defense. At worst, they are a serious threat to national security,'' the General Accounting Office said.
Citing Pentagon estimates, a GAO report said as many as 250,000 attempts may have been made to penetrate military computer networks last year, and 65 percent - 162,500 - were successful.
But only about one in 150 was detected and reported, the GAO said, and ``the potential for catastrophic damage is great.''
The report, presented to the Senate Governmental Affairs subcommittee on investigations, dealt with the more than 90 percent of Pentagon data that is unclassified. It nevertheless could contain highly sensitive information on troop movements, procurement and maintenance of weapons systems.
Beyond young hackers who may have no criminal intent, about 120 countries already have or are developing computer attack capabilities. ``In some extreme scenarios, studies show that terrorists or other adversaries could seize control of Defense information systems and seriously degrade the nation's ability to deploy and sustain military forces,'' said the GAO, Congress' investigative wing.
The report quoted the Pentagon as accepting that the document fairly represented the increasing threat of Internet attacks. Officers attributed some of the problems to poorly designed systems or to the use of off-the-shelf computer products without inherent security safeguards.
Pentagon spokeswoman Susan Hansen also stressed that the report focused only on unclassified transmissions between the department and the outside world.
Information on weapons systems and other classified material was secure, she said. ``We have invested in those systems so they are not subject to those attacks,'' she said, ``but we are not taking lightly the repetitive and constant attacks'' on unclassified Pentagon networks.
Sen. Sam Nunn of Georgia, the committee's ranking Democrat, said cyberspace crime poses a whole new challenge to the government. ``Is the bad actor a 16-year old, a foreign agent, an anarchist or a combination thereof?'' he asked. ``How do you ascertain the nature of a threat if you don't know the motive of your adversary?''
GAO information management chief Jack Brock told the hearing of a notorious 1994 case where two hackers attacked computers of the Air Force command and control research facility in Rome, N.Y., more than 150 times. ``The hackers took control of the lab's network, ultimately taking all 33 subnetworks off-line for several days,'' he said.
They broke into computer systems of NASA, Wright-Patterson Air Force Base, defense contractors around the country and South Korea's atomic energy center.
One of the hackers, a British 16-year-old who used the code name ``Datastream Cowboy,'' was caught. The other never was identified.
LENGTH: Medium: 67 linesby CNB