Information System Security and the US Military

1
Information System Security and the US Military

• Ben Mascolo ISC 300

2
Terms and Acronyms used

• AKO Army Knowledge Online
• AR Army Regulation
• CAC Common Access Card
• DKO Defence Knowledge Online
• DOD Department of Defence
• IED Improvised Explosive Device

3
Terms and Acronyms used

• PIN Personal Identification Number
• TFTP Trivial File Transfer Program
• UFO Unidentified Flying Object
• WAN Wide Area Network
• PLA Peoples Liberation Army of China

4
Introduction

• Security Measures currently held by the US
  military for its information systems are not
  enough and need to be improved.

5
Introduction

• The gathering of intelligence is key in military
  and paramilitary operations
• The US Military has consolidated all personal,
  movement, and intelligence information into a
  series of inter-connected WANs called DKO.
• This is a relevant issue because enemies of the
  US no longer have to conduct reconnaissance, if
  they can penetrate these information systems.

6
Case 1 of Attack on US Military

• April of 1990
• Dutch Teenagers
• Stole Troop movement information and attempted to
  sell it to the Iraqi government
• Not a direct exploit of the information system

7
Case 1 of Attack on US Military

• Attacked the information system in 3 ways
• Dictionary attack to guess passwords
• Used loop holes in the operating system
• Broke into civilian contractors with access to
  military systems

8
Case 1 of Attack on US Military
9
Case 1 of Attack on the US Military

• The Military found out about the attack via Dutch
  television when the teens publicly broadcasted
  another attack

10
Case 2 of Attack on US Military

• British Attacker
• 40 Years old
• Looked for accounts with no passwords
• Simply logged in
• Left Notes on desktops of users telling them to
  create a password
• Deleted security records

11
Case 2 of Attack on the US Military

• Cost a total of 700,000 in damages
• Was discovered by system administrators after
  they noted many logins from out side the country

12
Case 3 of Attack on the US Military

• Conducted by the PLA
• Specifically attacked Defense Secretary Gates
• The PLA consistently attacks the US Military
• The strategy for penetration is different than
  the two previous groups

13
Case 3 of Attack on the US Military

• PLA Created a Trojan virus
• This type of virus works by having a user
  authorize the install
• The user does this because the virus has another
  seemingly useful virus

14
Case 3 of Attack on the US Military

• The virus exploited a well known security loop
  hole.
• The virus dwelled in the system for 8 months
  before it was found.

15
Current Security Measures

• Two types
• Software Security
• Physical security

16
Current Software Security Measures

• Passwords 2 upper case, 2 lower case, 2
  numbers, 2 special character, must be changed
  ever three months
• Must log in with CAC in order to change password
• Authorization rules certain people are allowed
  access to certain aspects of information
• Encryption

17
Current Physical Security Measures

• CAC ID card All personnel have a smart card to
  access military computers
• Fingerprint ID Some access requires Fingerprint
  authentication
• Separate computers for separate purposes only
  certain computer are allowed to access sensitive
  information

18
Newest security measures

• As of 17 NOV 2008 all USB storage devices have
  been banned

19
Security Measures Needed

• Finger print authentication for access to any
  military computer on top of current security
  measures

20
Long term effects

• Forces the enemy to conduct traditional
  reconnaissance and expose themselves
• They wont be able to easily know routes taken by
  conveys
• Reduces ease of placement of IED

21
Final Thought

• Security measures in information system in the US
  military are strong, but not currently strong
  enough. These information systems track all
  information including movement, personal
  information and military secrets.