From: fc@all.net (Dr. Frederick B. Cohen)
To: cypherpunks@toad.com
Message Hash: 7bdf30172f1988993af14386b6c230c1e76d2c72f54d5a4b09139c7aa27fcd3a
Message ID: <9512221202.AA06399@all.net>
Reply To: N/A
UTC Datetime: 1995-12-22 12:06:16 UTC
Raw Date: Fri, 22 Dec 95 04:06:16 PST
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 22 Dec 95 04:06:16 PST
To: cypherpunks@toad.com
Subject: Navy hacked by Air Force?
Message-ID: <9512221202.AA06399@all.net>
MIME-Version: 1.0
Content-Type: text
Following is the actual text extracted from iw@all.net - I doubt if the
U.S. DoD will want to release all the details, but we can ask!
>From: iw@all.net
Subject: IW Mailing List iw/951221
---------------------------------------------
Moderator's Note:
Subject: Navy hacked by Air Force
I talked to some people I know about the perported IW attack on a
battleship by the Air Force, and I thought I would help debunk this
story, which my contacts tell me is "wildly inaccurate", but looking
at a few facts. Let's start with the title:
> War of the microchips: the day a hacker seized control of a US battleship
There are NO active US battleships!!! And there weren't any last
September. So, at a minimum, there are factual errors.
...
> BY SIMPLY dialing the Internet and entering some well-judged keystrokes,
> a young US air force captain opened a potentially devastating new era in
> warfare in a secret experiment conducted late last September. His
> target was no less than gaining unauthorised control of the US Navy's
> Atlantic Fleet.
According to my sources this was not "SIMPLY dialing the Internet and
entering some well-judged keystrokes". It was a controlled experiment
with participation of both Navy and Air Force, and involved a great deal
of planning by a large number of people. It was performed using DoD
owned and properly keyed cryptographic devices designed to be allowed to
communicate with the systems being attacked.
...
> He was armed with nothing other than a shop-bought computer and modem.
> He had no special insider knowledge but was known to be a computer
> whizzkid, just like the people the Pentagon most want to keep out.
100% wrong - he was an insider, he had a great deal of assitance, he had
cryptographic devices and keys, and he had special insider knowledge.
If he was an Air Force captain, he could not have been all that young.
Whizzkids are usually considered teenagers. Anyone know of any teenaged
AF captains these days?
...
> A few clicks and whirrs were the only signs of activity. And then a
> seemingly simple e-mail message entered the target ship's computer
> system.
...
> targeted ships surrendered control as the codes buried in the e-mail
> message multiplied inside the ships' computers. A whole naval battle
> group was, in effect, being run down a phone-line. Fortunately, this
Not quite. This was not an email sent from some Internet site and email
messages did not multiply inside the ships' computers. Furthermore, the
total bandwidth of a phone line is nowhere near enough to "run" a naval
battle group, or probably even a naval kitchen for that matter.
> The exact method of entry remains a classified secret.
The first (only?) really true part of the story.
-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
Return to December 1995
Return to “Sten Drescher <stend@cris.com>”