NEWS: Hacker Hits Air Force Data Base - 33 000 US Officers Personal Info Taken

A hacker has successfully infiltrated the US Air Forces officer Database and disapeared with personal data including birthdates and social security numbers of 33 000 Officers out of the Air Forces 70 000 Officer contigent. It appears the hacker has used a legitimate login to access the data but so far not one case of identity theft has come about from the use of this information.



The accessed information included birthdates, social security numbers, marital status, dependents and educational information including degrees achieved, areas of study, schools attended and overseas duty information.

The hacking was discovered in June but has not been released until now to give investigators time to find more information on the successful cyber break in.

In the wrong hands this information is devasting for the Air Force.


[edit on 22-8-2005 by Mayet]

Just what the terrorist are looking for. Now I am the most computer stupid person on the planet but the military and the Government need to get off of the net.

Someone may straighted me out on this.

Roper

Some of the biggest breaches of information, personal and financial, have not been hacked for identity theft. It is still unclear as to the real reasons many banks this last year had such large breaches and very few reports of any indentity theft. This lastest with the military is one of many that raise questions as to what exactly is being obtained and stored and what future use it will be. I bet there have been more breaches that have yet to make it to the media for various reasons. Someone, or some group has managed to get alot of information over the last two years and one can only ponder what will be done with it.

The hacker apparently used a legitimate user's login information to access and/or download individuals' personal information.

This must have been a privileged user, to be able to access info other than one's own. If it was a privileged user, this is reason enough to be fired.

Spies? Government could be spying on them.

The government itself might be doing it to convince people they (gov) need to restrict and control the internet???

Same with the attack on the banks...

Oh well yes we are just waiting on the restrictions to the Internet will be interesting to watch if this is the start of active campaign duty


Does the average person not see the agendas.

I simply can't believe how freekin stoopid some IT administrators can be.

So much for military grade encryption.

Originally posted by Mayet
Oh well yes we are just waiting on the restrictions to the Internet will be interesting to watch if this is the start of active campaign duty


Does the average person not see the agendas.

I think you ought to take a look at this:

www.eff.org...

and the cost passed on to consumers? Unreal...

Great read thanks for the link.............

and meanwhile every sits back in their seats and curl up in cosy beds at night and ignore all this. Wake up world ..it is nearly to late to stop the rot.

Actually that would work well. Silence for a while then all of a sudden officers houses get blown up, officers kidnapped...that will really bring the people into line... that will really bring the terror threat home and allow all these legislations through without a whimper..

its all for the good of the people in the fight against terrorism *insert scarcasm mode

the silent unseen enemy.

If it was a script kiddie invading the military they would have burned his butt and caught him long ago... Any hacker would have been traced eventually ...




[edit on 22-8-2005 by Mayet]

Alas, this was easily preventable, IMO.

IT people in both the public and private sector need to be educated on the concept of "volume permissions". (I don't know if that is a term used in the industry - I just made it up...)

Interactive access to databases should be limited in the volume of data that can be retrieved per unit time. It should be limited to the amount of data that might reasonably be needed for each individual's job function. Non-interactive ("batch" processing should have limits imposed based on the amount of data that each particular batch process needs to access, and should be limited to used by each specific program, and data volumes logged and regularly checked. Of course, some programs will need to access ALL of the data (for example, a weekly payroll run) but at least you are limiting it to specific programs and not any arbitrary one.

This is similar to one approach that many large Internet Service Providers (such as, for example, AOL) take to limiting spam originating from their users. The system does not permit a single user to send more than a certain volume of email per minute, hour, day, etc.

One can get fancier, and check (in real time) for normal or abnormal access patterns. For example, if one account is accessing one record per hour, 24 hours a day, 365 days a year, something is wrong.

To my knowledge, current database systems do not provide for volume-based permissions. (I am a software engineer, though not a database expert, so it's quite possible that such permissions have escaped my notice, though.) Nevertheless, this functionaity could be easily incorporated programatically in interactive systems. And certainly should be for systems that maintain these types of databases.

(To clarify/correct some comments made by others - it appears, based on the article cited, that somebody somehow gained access to a legitimate user account. This might have been done by guessing a weak password, by "dumpster diving" for the account/password information, through "social engineering" ("hi, I'm your IT administrator, we are having a problem and lost our password database. Could you give me your password so I can put it back into the system?), or any of a number of other common means. It's unclear from the article whether the individual accessed the system through the Internet, through a dial-up port, or from an internal terminal.)

[edit on 23-8-2005 by Bay_Watcher]

Originally posted by Roper
Now I am the most computer stupid person on the planet but the military and the Government need to get off of the net.

The irony of that statement is that originaly, the US Govt and Military WERE the Internet.

The Internet is the worldwide extended and mature version of the original Military and US Goverment computer network.

Whoever broke into that database, however they may have obtained the access codes, is probably now either

I. going to jail
II. been hired by the govt to check up the security loop hole

I usually think it's not bad if someone breaks into a system like that. Yeah, the information was stolen, but it shows an insecurity that can now be addressed.

Why does this have to do with terrorist's, i think paranoia has got to too many people in here.

Most (real) hackers (not script kiddies,crackers etc) want to break into computers for other reasons, mostly being curiousity and dont want to cause any damage to the computers they break in.

This sounds like some hacker has broken into these military computers just because well...they can.

We only have the governments word for it that someone has stolen all these records,which is probably a load of BS,.

The admins of these computers would have said there has been a break in and when asked what the hacker could have gained access to,they would have got told about the possibility of all these identities could have been copied and hey presto presumption in the making.

This was most likely part of that larger security breach that affected many of the so called
security clearance back ground check databases.

Even so, it is inexcusable that this kind of information was not protected.

Most people do not realise how vulnerable even the most secure systems are.

All anyone needs to smuggle out data is a small USB drive.

It must be the season for it, 20,000 pages of Victorian (Australia) Police files got "leaked" to Whistleblowers and our State Governments answer to it is to spend 50 million dollars on a new computer system and set up yet another bureaucracy to pass the buck to next time they don't read an urgent memo. Not that it's that new of a problem here, I had over a decade worth of police files stored at my house.

The conspiracist in me considers this to be a stunt by the U.S military to garner increased funding for higher security. Anyone with half a brain knows that Thor's hammer would come crashing down on them if they even attempted what supposedly occured. Couple that with the militaries claim that they still dont know who did it confirm that its a set up.

Everyone leaves some trace when they use the internet. Also the person who broke in had legitimate account details. That either implies that it was an insider who did it or this account info was written down and some one broke into their home, knew where to look and took it. I could understand this happening in some third world country but any first world country, let alone the United States!, wouldnt have this information accessible.

Also why steal this information? If you gained access or compromised military systems wouldnt you steal something a little bit more important than personal details for U.S officers?

Only time will tell and if we see big increases in military spending on computer security we'll know.

Subs: the hacker most likely just got lucky finding someone with a password that was easy. Thats how 99.99% of all these hacks go.

Remember the UFO hacker a while back? He got in because the idiots that ran the network he broke into left the PC's admin passwords blank!

And for covering your tracks. There's guys that have networks of 1000's of relays established trough worms and trojans. They bounce their signal trough so many systems that it becomes virtualy imposible to trace the signal back to the originator.

The only thing you can do then is wait and see when the information hits the public and catch the guy with good old classic investigation skills.

Does the AMS system run on a secure intranet, or accessible via the internet ?

Other than the references to an 'online intruder' I can't see anything that suggests that they reached the data via the internet.

Maybe the data was acquired from inside the network itself, something like - say if you had a long term contract running on an airforce base, perhaps extending the structured cabling or similar where you'd have an excuse to be in and out of the comms rooms: if you were there a while you'd gaining the trust of the systems manager, who'd get comfortable with you being in and out without being checked on, so while next in there, you are there just plug a laptop into the patching somewhere out of the way, and start poking for vulnerabilities ... Packet sniff for long enough, maybe you'll get what you need, then start harvesting.

... not that I've thought it through you understand.

Seems there is growing speculation that Beijing might be behind some of these recent US government website hacks, or possibly hackers using Chinese websites as proxies to cover their tracks or divert blame. Although the US government has been aware and working on this problem for a few years, not much progress seems to have been made in preventing these unauthorized intruders, wherever they might be operating from .

FBI probes for Chinese cyber spies

Officials are trying to determine whether the continuing hacking efforts are sponsored by Beijing or merely involve hackers using Chinese Web sites to mask their origins, they said.

In recent years units in the FBI Cyber-crime Division, established to combat computer intrusions, have seen hundreds of cases in which hackers using Chinese Web sites have compromised unclassified official U.S. networks.

One U.S. government official, who asked not to be identified, said government investigators had been involved for several years in "working this problem."

www.cnn.com...