August 3rd, 2005
Four years after hacker broke into 73,000 Defense computers, are systems more secure?
Over the course of a year, starting shortly after 9/11, British hacker Gary McKinnon, using the handle Solo, hacked into 96 Defense Dept. computers, effectively shut down the naval weapons center responsible for the Atlantic Fleet, and hacked into some 73,000 government computers. These are the charges the US government leveled in a hearing to extradite McKinnon from the UK to the US for trial. (Here’s one news report of the hearing.)
Mark Summers, for the US government, told the court: "During a period from February 2001 to March 2002, the defendant gained unauthorised access to 97 government computers. He was acting from his own computer in London.
"Via the internet, the defendant identified US government network computers with an open Microsoft Windows connection."
Mr Summers said McKinnon, having gained access to administrative accounts, installed unauthorised remote access and administration software named "remotely anywhere" that enabled him to remotely control and alter data on the US computers without detection.
McKinnon accessed 53 US army computers, 26 US navy computers, 16 NASA computers, one US defence department computer and one US air force computer. He is also accused of deleting files which shut down the entire US army’s military district of Washington’s network of more than 2,000 computers for 24 hours "significantly disrupting governmental function".
This is pretty shocking stuff. The Atlantic Fleet was being run on Windows machines with front doors left wide open? Anyone can walk right in and start deleting files and installing software? If this was the case, where do things stand now? How well has the Defense IT establishment cleaned up its act?
