The Pentagon today confirmed that attacks against U.S. military computers over the past few months are under special investigation by law enforcement and intelligence authorities.
Deputy Defense secretary John Hamre briefed the House Armed Services Committee on the matter in a classified meeting February 23, according to the House Armed Services Committee. He warned legislators that the attackers were not merely individual hackers, and said part of the problem may stem from the cooperation of insiders within the U.S. military staff.
The news was first reported by Defense Week.
According to a subsequent report by ABC News, some of the most serious attacks are coming from or through computers located in Russia.
After the closed briefing, Hamre addressed a joint hearing of the House Subcommittees on Military Procurement and on Military Research and Development. In his remarks, Hamre warned that while information technology had strengthened and streamlined U.S. military operations, that same technology opened up the United States to new forms of attack.
"Our dependence on these systems, and their ubiquity in every aspect of our operations, has made us vulnerable should they be disrupted," Hamre told the subcommittees. "The same technologies we employ to such advantage are readily and cheaply available to our adversaries. And because they are so inexpensive and accessible, the range of adversaries that can potentially cause great disruption has broadened considerably.
"We now have to establish defenses that will defeat attacks by our major adversaries as well as the terrorist, hacker, and disaffected insider--and the latter is a significant challenge," he added.
Hamre told the committee that the Pentagon detects between 80 and 100 hacker "events" every day. The Pentagon must investigate approximately one in ten of these.
One security expert said that while attacks from Russian and other foreign nations was nothing new, the new breed of hacks posed grave threats in their sophistication.
"There is a steadily increasing number of these attacks," said Alan Paller, director of research for The SANS Institute. "And there are more of these that have three characteristics that set them apart."
The first of these is that attacks are coming simultaneously from multiple, coordinated sites. The second is that the attacks are coming with more stealth, escaping the detection of intrusion monitoring systems by limiting the number of "pings," or connections.
"These are coming in just under the detection threshold, at one every hour, or every three days," said Paller. "They're coming from patient people, who are usually more professional than children."
Along the same lines, Paller said the new attacks were technologically more sophisticated. Increasingly, they are combination scripts that both probe for weaknesses and exploit those weaknesses in the same process.
The government has recently stepped up its efforts against computer attacks. Earlier this year President Clinton sounded an alarm about the serious of computer security threats and outlined plans to prepare for such attacks and to ask Congress for an additional $1.46 billion to fund the effort.