Hacker 'left note on US army computer'

Press Association
Wednesday July 27, 2005

Gary McKinnon of Wood Green, north London, arrives at court for his extradition hearing. Photograph: Daniel Berehulak/Getty

A British man accused of hacking into the US military computer system left a note on an army computer saying US foreign policy "is akin to government-sponsored terrorism", a court heard today.
Gary McKinnon's note continued: "It was not a mistake that there was a huge security stand-down on September 11 last year ... I am SOLO . I will continue to disrupt at the highest levels," the court was told.

Mr McKinnon, 39, faces extradition to the US over claims he accessed dozens of government computers over a one-year period, causing $700,000 (£370,000) worth of damage. One of the allegations relates to the deletion of operating system files and logs from computers at US naval weapons station Earle at a critical time following the September 11 attacks, which rendered the base's entire network of more than 300 computers inoperable.
......................

"Via the internet, the defendant identified US government network computers with an open Microsoft Windows connection."
.........................

He said Mr McKinnon had been able to scan more than 73,000 US government computers, and was able to "lever himself from network to network and into a total of 97 government computers throughout the US".

Mr McKinnon is also accused of deleting files capable of shutting down the entire network of more than 2,000 computers in the US army's military district of Washington for 24 hours, "significantly disrupting governmental function".
................................

Speaking at the time of the indictment, Paul McNulty, the US attorney for the eastern district of Virginia, said: "Mr McKinnon is charged with the biggest computer hack of all time."
...............................................

http://www.guardian.co.uk/online/security/story/0,14230,1537298,00.html

makes you wonder about the security level of the US army. If he could do that, why couldn't Al Quaeda do it...

security.

Sounds to me like the firewall they had in place was pure shit and poorly configured. If they'd actually secured their network properly, this guy wouldn't have been able to access it anyway.

If they'd secured it properly, he never would have been able to see what operating system individual machines were running.

I don't condone his actions, but it sounds to me like they have some really crappy people designing their security for their network.

The thing about Windows is that it gives the illusion of being easy like it takes care of everything, so people don't apply the patches or take necessary security measures.. Linux requires knowledge to read at all, which is more condusive to have holistic knowledge and recognizing the need for security patches.

If the IT department and network managers/security architects were doing a competent job, what people inside do with individual PCs is irrelevant.

sorry. had to give you shit. But yeah, I'm talking about Windows SysAdmins even. Windows can be deceptivly user freindly.

servers. If a properly configured firewall is in place, the OS on the servers and PC's is irrelevant :).

Most firewalls operate on a Unix kernel, but what the machines inside that firewall use has no bearing on security if the firewall and other security is configured properly.

Also - It's worth noting that Richard Clarke was going to be in charge of cyber-security and cyber-terrorism prior to 9/11 and his departure from his anti-terrorism duties.

Did he depart before 9/11? I can't recall.

If I recall properly, he was one of the first into the situation room after the attacks.

I'd have to read his book again and refresh my memory as to when he left exactly.

I was thinking about your (accurate) firewall comment. I have spent some time in IT, and they surely must of had one, and wondering how the hacker got through it. The thing of course is that there were open ports, through the firewall, for various services. Yahoo Messenger requires you open ports for instance. But any exploit that gets in through Yahoo messenger, or ANYTHING like it, is always based on the hacker exploiting a local version first. I don't think the military should be running anything like that. (Not Messenger per say, but things like it that could be hacked) Miliraty should be running military messsenger, military word, military explorer. Sure they should hire consultants from people like yahoo, but these things should be secure and separate from what the public codebase/applications. There's no excuse for a guy using exploits on commercial software to get into military networks.

That or the people doing the security aren't qualified to do so... I hope they get paid lots of money because they're about to get canned.

As an IT guy, I know damn well that that $700K is the maximum theoretical loss possible over the course of time that the system was compromised. It's a "worst case scenario" number, and any time you hear about damages or losses from someone breaking into a system or spreading a virus, that's where that number comes from.

I'm not condoning or supporting any of those activities (actually, I'd like to take a rubber hose to a few virus authors in particular), but merely pointing out that the number might not reflect the reality of the situation.

Its like the ...Bob couldn't write the proposal ...that might have gone through...that might have saved us $680,000 in the long run...number.

just think of what China could do. They'd toast our military from the inside in minutes. That's if they needed to... I'm sure they'll stay the course of letting us implode under Bush and then just buy us.

:shrug:



....


When I ask if he is brilliant, he says no. He's just an ordinary, self-taught techie. And, he says, he was never alone. "Once you're on the network, you can do a command called NetStat - Network Status - and it lists all the connections to that machine. There were hackers from Denmark, Italy, Germany, Turkey, Thailand …"

"All on at once?" I ask. "You could see hackers from all over the world, snooping around, without the spaceniks or the military realising?"

"Every night," he says.

"What was the most exciting thing you saw?"

"I found a list of officers' names," he says, "under the heading 'Non-Terrestrial Officers' …. It doesn't mean little green men. What I think it means is not Earth-based. I found a list of 'fleet-to-fleet transfers', and a list of ship names. I looked them up. They weren't US Navy ships. What I saw made me believe they have some kind of spaceship, off-planet."

"The Americans have a secret spaceship?" I ask.

"That's what this trickle of evidence has led me to believe."

"What were the ship names?"

"I can't remember," he says. "I was smoking a lot of dope at the time. Not good for the intellect."

more
http://www.smh.com.au/news/technology/the-nerd-who-saw-too-much/2005/07/12/1120934245512.html?oneclick=true

Set up a hackable network with a buch of BS information under a military domain. Non-Terrestrial officers my ass.

Rather like what was sold to the public regarding Saddam's "weapons stockpiles".

Let's put on some serious :tinfoilhat: for a moment and presume that military technology and research is far, far beyond what we have been led to believe.

Now let's take off the tinfoil and see if that presumption stands knowing what we do know about militry technology and can confirm.

Now examine the difference between the two, and recall that a few of those strange shapes in the sky seen by people many years back were in fact the B2 and the F-117. Recall also the sightings of the SR71 before it became public that we had it.

I think we would all be at first utterly astonished and then very, very deeply angry if we really knew what we've developed and kept secret "in the name of national security". I have NO doubt in my mind that there exists research and technology developed or being developed by our government that could change humanity; I have even less doubt that that is the precise reason it is being kept from us.

anti-gravity, cold fusion, ZPE manipulation, Tesla weapons, and a cure for cancer...they just can't let all that out of the bag because it would make capitalism pointless.

besides, way too many people have seen those "black triangles" silently flying in and out of military bases....


who, me :tinfoilhat: ??

They look exactly like the 'flying wedges' many people saw before that program was made public, then the 'sightings' seemed to stop cold.

It only reinforces my belief that our deep-black projects are developing things we see on TV, things we call "science fiction". Proof? Impossible, because of the veil over the projects themselves.

I don't think there are UFOs which originated in space, to be honest; I do think the things people see in the sky are our own test craft.

has not been publicly disclosed.

Yes, a great many 'sightings' from awhile back can probably be attributed to the F117 and its relatives, but that thing was put into production back in the late '80s I think. Experimental aircraft -- especially when the technology is as secret as stealth and so forth -- are pretty well kept secrets. So, yeah...I'd bet most UFO's are of human/military origin. Just my opinion, though.

and I'm NOT saying they have, but... well, it would be kept secret- until the oil runs out. Bank on that.

Pun definitely intended.

http://www.disclosureproject.org/

The press conference is very long.