- BETHESDA, Maryland (Reuters)
-- U.S. Defense Department pleas to computer hackers to quit mischief-making
appear to be falling largely on deaf ears, making spotting potential national
security threats more difficult, a top Pentagon expert said on Tuesday.
- Despite recent appeals, "we're not seeing any diminishing"
of the pace of attacks on Defense Department systems, said Richard Schaeffer,
who heads the cyber-security office in the Pentagon arm responsible for
command, control, communications and intelligence.
- Last year, a total of 22,144 "attacks" were
detected on Defense Department networks, up from 5,844 in 1998, Air Force
Maj. Gen. John Campbell, then vice director of the Defense Information
Systems Agency (DISA), told Congress in March.
- So far this year through August 4, a total of 13,998
such "events" have been reported, according to Betsy Flood, a
spokeswoman for Arlington, Virginia-based DISA, which provides worldwide
communication, network and software support to the Defense Department.
- Updating the statistics in reply to a query from Reuters,
she defined "events" as probes, scans, virus incidents and intrusions.
- Schaeffer, at a Bethesda, Maryland, "Web Defense"
conference on business solutions to cyber-crime, said the government would
like to take hackers "out of the equation as much as we can"
to make it easier to track cyber threats possibly tied to foreign foes.
- Asked whether he expected recreational hackers to comply
with the Pentagon request, he replied: "Probably not," even though,
he said, the Pentagon was crying "uncle" and telling hackers
"you got our attention."
- Along with representatives of the armed services and
federal law enforcement authorities, the Pentagon called on cyber vandals
last month to turn their talents to defense.
- U.S. Assistant Secretary of Defense Art Money urged hackers
at an audience at "DEF CON 8.0" in Las Vegas to join the government
or private industry and get on the "defense side."
- Once an underground event, the eight-year-old DEF CON
computer hackers convention drew 5,000 people.
- Improved detection measures
- Schaeffer attributed the jump in reported attacks on
Defense Department systems between 1998 and 1999 partly to improved intrusion-detection
procedures and technology, along with stepped-up awareness and reporting.
- But the "sophistication" of attacks was also
increasing, he said, and the often-present "noise floor" from
computer hackers "makes it a whole lot easier for (a serious threat)
to slip in."
- He said the Pentagon was highly confident that its classified
systems had never been penetrated by hackers, thanks to very strong access
controls, and that only unclassified networks had been pierced.
- Richard Thieme, a Milwaukee-based consultant on human
dimensions of technology who chaired the panel at DEF CON at which the
Pentagon made its appeal, said all but 1,000 of last year's reported attacks
were attributed to recreational hackers.
- Schaeffer, in an interview with Reuters, said it was
"highly probable" that at least some of the 22,000 attacks last
year were mounted by foreigners probing U.S. security gaps.
- But he said he had never seen anything purporting to
document any such effort by China, often cited by U.S. national security
experts as probably actively involved in developing offensive cyber weapons.
Site Served by TheHostPros