cj#360> re: Is this for real?


Richard Moore

Date: Thu, 21 Dec 1995
From: •••@••.••• (Information Warfare Mailing List)
Subject: Re: Naval Battleship takeover - I don't think so. (Long, RISKS-17.55)

I thought RISKS readers might be interested in this moderator's note from
the IW mailing list, responding to the earlier message in RISKS-17.55.

Moderator's Note:
Subject: Navy hacked by Air Force

I talked to some people I know about the purported IW attack on a battleship
by the Air Force, and I thought I would help debunk this story, which my
contacts tell me is "wildly inaccurate", but looking at a few facts.  Let's
start with the title:

> War of the microchips: the day a hacker seized control of a US battleship

No!!! There are NO active US battleships!!! And there weren't any last

> BY SIMPLY dialing the Internet and entering some well-judged keystrokes,
> a young US air force captain opened a potentially devastating new era in
> warfare in a secret experiment conducted late last September.  His
> target was no less than gaining unauthorised control of the US Navy's
> Atlantic Fleet.

According to my sources this was not "SIMPLY dialing the Internet and
entering some well-judged keystrokes".  It was a controlled experiment
with participation of both Navy and Air Force, and involved a great deal
of planning by a large number of people.  It was performed using DoD
owned and properly keyed cryptographic devices designed to be allowed to
communicate with the systems being attacked.

> He was armed with nothing other than a shop-bought computer and modem.
> He had no special insider knowledge but was known to be a computer
> whizzkid, just like the people the Pentagon most want to keep out.

100% wrong - he was an insider, he had a great deal of assistance, he had
cryptographic devices and keys, and he had special insider knowledge.  If he
was a Navy captain, he could not have been all that young.  Whizzkids are
usually considered teenagers.  Anyone know of any teenaged Navy captains?

> A few clicks and whirrs were the only signs of activity.  And then a
> seemingly simple e-mail message entered the target ship's computer
> system.
> targeted ships surrendered control as the codes buried in the e-mail
> message multiplied inside the ships' computers.  A whole naval battle
> group was, in effect, being run down a phone-line.  Fortunately, this

Not quite.  This was not an e-mail sent from some Internet site and e-mail
messages did not multiply inside the ships' computers.  Furthermore, the
total bandwidth of a phone line is nowhere near enough to "run" a naval
battle group, or probably even a naval kitchen for that matter.

> The exact method of entry remains a classified secret.

The first really true part of the story.


 Posted by Richard K. Moore (•••@••.•••) Wexford, Ireland
 •••@••.•••  | Cyberlib=http://www.internet-eireann.ie/cyberlib