Intel Analyst Charged With Hacking Anti-Terror Program

An analyst at a Defense Department spy satellite agency faces federal hacking charges after allegedly poking around in a top-secret system used in a classified terrorism investigation involving the FBI and the U.S. Army.

Brian Keith Montgomery worked on a covert program for the National Geospatial-Intelligence Agency — the spy agency in charge of satellite and aerial image collection. On April 9, he was carrying out his duties when he saw a message that “provided significant detail about a classified operation” that was unrelated to his job, according to an affidavit filed by a Pentagon investigator.

The operation is not detailed in the affidavit (.pdf), but there is a reference to the 902nd Military Intelligence Battalion, an Army counterintelligence unit based at Fort Meade in Maryland, with a presence at more than 50 other locations inside and outside the United States. The 902nd faced controversy in 2005, when NBC News published documents showing the the unit had been spying on American anti-war protesters. Under the guise of fighting terrorism, the group had filed intelligence reports on legal demonstrations, including a weekly protest at an Atlanta recruiting station, and a protest at the University of California at Santa Cruz.

According to the government, Montgomery ignored a security warning in the message he saw, and twice logged in to a classified system used in the terrorism investigation: first on April 9, when he stayed on for two hours, and then on April 14. He’d gotten the password from another classified message to which he also had legitimate access.

Curiously, just by accessing the system, Montgomery endangered the terrorism investigation, and “caused harm to the U.S. Army and the FBI,” according to the affidavit by Dexter Wells, an agent with the Defense Criminal Investigative Service.

Montgomery’s alleged motives are unclear, but he told DCIS that he was very interested in the information in the program, Wells wrote. Montgomery also told investigators that he thought he was allowed to log in to the system, and hadn’t noticed a warning saying that only officials participating in the operation were allowed to use the password.

via Intelligence Analyst Charged With Hacking Top Secret, Anti-Terror Program | Threat Level | Wired.com.

Stolen Medical Records? Hacker’s Demand $10 Million

The FBI is investigating a $10 million ransom demand by a hacker or hackers who say they have stolen nearly 8.3 million patient records from a Virginia government Web site that tracks prescription drug abuse, an FBI official confirmed Wednesday.

The state police in Virginia are also investigating the possible breach of confidential records.

The FBI official said the Virginia Information Technologies Agency VITA referred the case to the FBI last week, asking for help.

Asked whether people’s personal information is secure, the official said he couldn’t say.

“I really can’t make a declarative statement as to whether anyone’s information is in jeopardy at this point,” the official said.

Asked whether people have been notified that their information may have been breached, the official said it would be up to VITA to do that.

Read Full Article

Electric Grid Hacked By Chinese and Russian Cyberspies

The intruders, who came from countries including China and Russia, were believed to be attempting to map the US electrical system and work out how it was controlled, according to reports in the Wall Street Journal.

Officials said the cyberspies had not tried to damage the grid, but warned they could during a crisis or war.

“The Chinese have attempted to map our infrastructure, such as the electrical grid,” a senior intelligence official told the paper. “So have the Russians.”

The intrusion spread across the country and didn’t target any specific companies or regions, a former Department of Homeland Security official said. “There are intrusions, and they are growing,” the former official said, referring to electrical systems. “There were a lot last year.”

Source

From The Wall Street Journal

Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials.

The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven’t sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war.

“The Chinese have attempted to map our infrastructure, such as the electrical grid,” said a senior intelligence official. “So have the Russians.”

The espionage appeared pervasive across the U.S. and doesn’t target a particular company or region, said a former Department of Homeland Security official. “There are intrusions, and they are growing,” the former official said, referring to electrical systems. “There were a lot last year.”

Many of the intrusions were detected not by the companies in charge of the infrastructure but by U.S. intelligence agencies, officials said. Intelligence officials worry about cyber attackers taking control of electrical facilities, a nuclear power plant or financial networks via the Internet.

Authorities investigating the intrusions have found software tools left behind that could be used to destroy infrastructure components, the senior intelligence official said. He added, “If we go to war with them, they will try to turn them on.”

Officials said water, sewage and other infrastructure systems also were at risk.

Source

President Briefed Over Severe, Widespread Attack On Defense Department Computers

Senior military leaders took the exceptional step of briefing President Bush this week on a severe and widespread electronic attack on Defense Department computers that may have originated in Russia — an incursion that posed unusual concern among commanders and raised potential implications for national security.

Defense officials would not describe the extent of damage inflicted on military networks. But they said that the attack struck hard at networks within U.S. Central Command, the headquarters that oversees U.S. involvement in Iraq and Afghanistan, and affected computers in combat zones. The attack also penetrated at least one highly protected classified network.

Military computers are regularly beset by outside hackers, computer viruses and worms. But defense officials said the most recent attack involved an intrusive piece of malicious software, or “malware,” apparently designed specifically to target military networks.

“This one was significant; this one got our attention,” said one defense official, speaking on condition of anonymity when discussing internal assessments.

Although officials are withholding many details, the attack underscores the increasing danger and potential significance of computer warfare, which defense experts say could one day be used by combatants to undermine even a militarily superior adversary.

Bush was briefed on the threat by Navy Adm. Michael G. Mullen, chairman of the Joint Chiefs of Staff. Mullen also briefed Defense Secretary Robert M. Gates.

Source

Get The Latest News Alerts Follow Us On Twitter