

Anonymous Hacks NATO, Steals GB Of Data - Garbage
http://www.crn.com/news/security/231002347/anonymous-hacks-nato-steals-gb-of-data.htm

======
DrJokepu
I'll just leave this here. DOSing Visa and Mastercard is one thing, espionage
is something very different.

USC Title 18 § 794

Gathering or delivering defense information to aid foreign government

Whoever, with intent or reason to believe that it is to be used to the injury
of the United States or to the advantage of a foreign nation, communicates,
delivers, or transmits, or attempts to communicate, deliver, or transmit, to
any foreign government, or to any faction or party or military or naval force
within a foreign country, whether recognized or unrecognized by the United
States, or to any representative, officer, agent, employee, subject, or
citizen thereof, either directly or indirectly, any document, writing, code
book, signal book, sketch, photograph, photographic negative, blueprint, plan,
map, model, note, instrument, appliance, or information relating to the
national defense, _shall be punished by death or by imprisonment for any term
of years or for life_, except that the sentence of death shall not be imposed
unless the jury or, if there is no jury, the court, further finds that the
offense resulted in the identification by a foreign power (as defined in
section 101(a) of the Foreign Intelligence Surveillance Act of 1978) of an
individual acting as an agent of the United States and consequently in the
death of that individual, or directly concerned nuclear weaponry, military
spacecraft or satellites, early warning systems, or other means of defense or
retaliation against large-scale attack; war plans; communications intelligence
or cryptographic information; or any other major weapons system or major
element of defense strategy.

~~~
scythe
> Whoever, with intent or reason to believe that it is to be used to the injury
> of the United States or to the advantage of a foreign nation

I don't think this qualifies.

~~~
DrJokepu
> reason to believe that it is to be used to the injury of the United States

I think it does. I'm no lawyer, however.

~~~
scythe
I don't know, maybe in the most trivial "if it wasn't going to cause a
problem, why were they hiding it?" sort of way. But it's not "reason to
believe it could be used", it's "reason to believe it _was to_ be used". That
is, Anonymous would have to have thought that the Internet intends to use this
to hurt the United States, that the people to whom they deliver the
information -- people like you and I -- intend to harm the US. Not that they
_could_, but that they _would_. Harming the US is not among my goals, nor is
it among the goals of most people who will see the documents. That's where I
think it gets up in the air. I don't think most Anons want to start a war,
they just want the American people to protest government secrecy. Bradley
Manning didn't get hit with "delivering defense information to aid foreign
government" and considering the amount of egg he got on the military's face
I'm sure they would've liked to.

------
flexd
Considering "NATO secret" machines are not allowed on networks connected to
the internet they hopefully do not have anything to put people on the ground
in danger.

There could however have been a breach in protocols and someone accidentally
hooked something up but I doubt something that serious could have happened.
It's not like you accidentally hook a fileserver up to the internet.

Confidential documents would (could) still be bad but there are strict rules
about storing those as well.

~~~
gorgoroth666
Don't be delusional, there were/are obviously breaches which are not red
herrings. And all that "classified nato secret", "not allowed on networks
connected to the internet", "breach in protocols" and "strict rules" are BS.

But to say for sure, we would need a thorough analysis of the incriminated
data.

~~~
flexd
I'm not saying this isn't bad enough. I'm just saying there are rules in place
to prevent these kinds of things. Like physical network separation and
machines with disabled interfaces (like network, usb, firewire). You would
require physical access to steal data from those machines and it would be
either guarded or locked away.

Data security is taken very seriously within the military & NATO but I can't
speak for how other countries do things. Accidents happen, things are poorly
secured.

I'm just speaking from my own experience, even if it is limited.

~~~
gorgoroth666
NATO includes forces in a lot of countries already. I'm saying a lot of them do
poor jobs.

Are you saying they are so good that the data incriminated is either fake or a
deliberate attempt at misinformation by NATO?

~~~
flexd
No, I am saying that if they are doing their jobs properly any data accessible
from the internet is data that would not pose (much) of a security threat if
released. I agree that most likely a lot of them do poor jobs but you should
not underestimate their rules, regulations and strictness when it comes to
data security.

------
yaix
If a few kids with some SQL knowledge can breach NATO computers in a weekend,
then who can't?

Looks like any gov't with an intelligence service of more than 3 people has had
access to secret NATO documents for a long time. That can't be good.

~~~
lucasjung
These documents almost certainly were not classified SECRET: actual classified
documents are kept on a separate network that is not connected to the regular
internet. They were most likely unclassified documents that were sensitive
enough to be kept to restricted access, but not important enough to be
classified. If they actually were classified, that means that there was a
major breach of protocols just in having them on computers connected to the
regular internet.

~~~
gorgoroth666
It's not like a major breach of protocol is a very rare thing as all personnel
are not trained at security to say the least.

I'd bet those documents are pretty damn secret.

~~~
lucasjung
Anyone with access to classified information _is_ given extensive security
training, with regular refreshers. This means that if classified documents do
make their way onto an unclassified system, it was done by someone who was
specifically trained not to do so.

You are correct that, despite this training, classified information does
sometimes accidentally make it onto unclassified computers. It is usually
discovered almost immediately (most often by the person who did it), and
almost always involves very small amounts of information (it's hard to
"accidentally" copy large numbers of files). The bigger the collection of
documents, the more likely it is to be discovered quickly. These events are a
_huge_ deal because the cleanup process is so extensive and thorough.

I've read a lot of conflicting reports in various articles, probably because
most journalists don't understand that words like "secret," "classified,"
"confidential," "restricted," and "sensitive" all have very specific meanings
in a military context and are not interchangeable. As far as I can piece
together, the documents in question were merely "restricted," not secret (not
classified at all, for that matter).

~~~
cookiecaper
While I am sure there are protocols that are followed and motions gone
through, I don't believe even a little bit that everyone with access to NATO
SECRET documents follows these protocols very closely.

We all know how this thing goes. We know we should be using GPG all the time,
we know we should be using exclusively unique, long, random passwords for each
web site we visit, we know we shouldn't enable JavaScript or Flash unless we
have a good reason to trust the site, etc., but _out of convenience_ we ignore
almost all of these things that we know are potential security problems.

That same impulse functions in government, and I would assume it would
function to an even greater extent because most people just have no
comprehension at all that almost every computer network out there, even
so-called "high security" networks from whitehats, intel agencies, etc., is just
sitting wide open and waiting for someone to come along and ask for its
contents.

The one sensible (and probably the least likely outcome) to all of this
LulzSec nonsense would be a _serious_ inventory of the state of our computer
security as a whole, and new industry standards that actually required,
encouraged, and generally deployed competently secured networks. That of
course is almost impossible to fathom and I expect we will get a bunch of
draconian and incomprehensible legislation making it a crime to type too fast
while hacktivists continue to steal everyone's files forever.

I see no end to this kind of activity (because, as before, I don't believe
most people, even big companies or governments, will be able to secure their
digital resources) and it is a serious potential destabilizing force in our
society, which is now so dependent and accustomed to electronic communication.
If the government can't secure its networks and is constantly subject to this
class of attack, what will it do? And how will the citizenry react? This could
have scary, _real_ ramifications before anyone knows it.

~~~
lucasjung
> _While I am sure there are protocols that are followed and motions gone
> through, I don't believe even a little bit that everyone with access to NATO
> SECRET documents follows these protocols very closely._
>
> _We all know how this thing goes. We know we should be using GPG all the time,
> we know we should be using exclusively unique, long, random passwords for each
> web site we visit, we know we shouldn't enable JavaScript or Flash unless we
> have a good reason to trust the site, etc., but out of convenience we ignore
> almost all of these things that we know are potential security problems._

There's a key difference between the security measures you describe, which
people tend to neglect, and the protocols that keep classified information off
of unclassified systems: the measures you describe are tedious and
time-consuming, so people tend to cut corners on them. When it comes to moving
information between classified and unclassified networks, the opposite is
true: they are completely segregated, so you have to go out of your way to
move information back and forth. The simplest way to do it is by sneaker-net,
and even that is made difficult because these days the computers on military
networks are set up to not mount flash drives, so you would have to burn the
files to a CD, then get that CD past various layers of physical security. It
can be done, but you have to deliberately go out of your way to do it. It's
not something that would happen because someone was being lazy or trying to
cut corners.

> _...almost every computer network out there, even so-called "high security"
> networks from whitehats, intel agencies, etc., is just sitting wide open and
> waiting for someone to come along and ask for its contents._

This is simply not true. All classified information is stored on networks that
are not connected to the regular internet. It's not just a VPN: they are
completely segregated.

~~~
cookiecaper
> _This is simply not true. All classified information is stored on networks
> that are not connected to the regular internet. It's not just a VPN: they
> are completely segregated._

I understand that it's true that there is no physical internet connection to
the computers that access that data in many cases. I tend to believe it's not
so air-tight as supposed but whatever. The Manning case demonstrates that even
keeping your computers on a completely independent network doesn't prevent a
low-level employee (or someone using his credentials...) from just waltzing in
and taking everything. Manning had access far beyond his needs and he was able
to download virtually any data that appetized him. Even on a non-internet
system, if you have multiple millions of people with that kind of access,
you're going to wind up in trouble and you definitely shouldn't assume that
data hasn't gone anywhere.

I also understand that it requires some initial effort to physically move the
data from the private network to a computer attached to a public network, but
I don't think this is really sufficient to stop the transfer from occurring.
The same thing occurs with paper documents -- technically these are never
supposed to leave government property (or corporate property, etc), but it is
still really common for someone to take copies home. While it takes some
effort to take the copies with you, the effort is obviously worthwhile to
ensure easy on-demand access.

The same will be true in cases involving digital documents, and people will
take out CDs and email the contents to themselves just out of convenience, so
they can pull up the relevant information when they aren't physically at work.
I believe that this happens.

If your network has a comparative handful of users this is probably something
you can manage, but big corporations and governments have a lot of users and I
don't believe that they can keep this stuff from leaking out to the real
internet in violation of protocol eventually anyway, and I also don't believe
that that'd be sufficient to stop leakage even if it were possible.

Again, we see from the Manning case that even if the network was not connected
to the internet, the security on the system was horrible and allowed far,
_far_ too much access. Hackability from the internet isn't the only relevant
consideration here.

~~~
lucasjung
> _Hackability from the internet isn't the only relevant consideration here._

True, but it is the central issue in this thread: the documents in question
_were_ hacked from a non-classified network.

The scenarios you describe for people circumventing barriers between
classified and unclassified systems for the sake of convenience sound quite
plausible, until you consider the severe penalties for doing so. With that in
mind, only incredibly foolhardy individuals would do so for the sake of mere
convenience--a much more serious motivation would be required for most people.
In a large enough organization, _someone_ would most likely do it anyway, but
it wouldn't be nearly common enough to leave "high security networks...sitting
wide open."

Really, the only plausible scenario for significant leakage of classified
information is deliberate espionage. I'm not sure why people keep citing
Manning as setting some sort of precedent or revealing a previously unknown
vulnerability, because this type of espionage has been going on since the
beginning of recorded history, and probably even before that. It's the reason
why access to classified information requires both a clearance _and_ "need to
know." When "need to know" rules are relaxed or ignored, it becomes relatively
easy for people to take information that they have no business accessing and
simply walk out of the building with it, whether it be hard-copies or
soft-copies. This tends to go in cycles, with "need to know" rules gradually
loosening until a major incident occurs, after which they are rapidly
tightened, and then the whole process repeats. There was a rash of such
incidents all at once in the mid-'80s:
<http://en.wikipedia.org/wiki/1985:_The_Year_of_the_Spy>

------
redthrowaway
Given that Anon has yet to use anything other than simple SQLi attacks, I wonder
where this data could have been stored (and, by extension, how secret it is).
If it was on a public webserver, then one would expect it to be not much more
than reports and presentations.

~~~
dekz
Replace Anon with LulzSec and you're correct. Anon != LulzSec

~~~
TobbenTM
True

