Hacker taps into US military database

By Derek Sooman on August 25, 2005, 2:16 PM
You seem to hear lots of stories about people cracking into the US military and the Pentagon, begging the questions a)How the hell its done, and b)Why the hell it seems to be so easy? One would think that some kind of military computer system would need to be isolated from the rest of the internet, but seemingly not. There seems to be doors into these kinds of things that are publicly accessible (albeit you need to be a security genius to work them out), and despite the threat of horrible legal action and even jail time, people still seem to be tempted into trying to open them.

Now another alleged hacker would appear to be in trouble for cracking into a US military database one that contained social security numbers and other personal information for 33,000 Air Force officers and some enlisted staff.

Social security numbers, birth dates and other information was accessed some time in May or June, apparently by someone with the password to the air force computer system.

"We are doing everything we can to catch and prosecute those responsible," Maj Gen Tony Przybyslawski said.

User Comments: 4

Got something to say? Post a comment
R.Cade said:
The U.S military created the internet for goverment use, so it would be pretty hard to pull all their systems off it. A lot of times a hacker will use human error to gain access to a system, by tricking a user to give up there password for example, and not by finding holes in the system.
spike said:
[quote]There seems to be doors into these kinds of things that are publicly accessible (albeit you need to be a security genius to work them out)[/quote]I disagree - all you need to do is search google for anything ending in a .mil address. That's how the latest "biggest military hacker ever" did it anyway - without any real knowledge whatseoever - also, no doubt, the reason he got caught.
Phantasm66 said:
spike if you know how to hack into a .mil site please tell us. seriously, i want to know.
spike said:
I wouldn't have a clue personally, but apparently that guy simply reverse DNS'ed the addresses from google and port scanned, found an insecure operational system connected to the web (lets face it, putting defense critical systems on the web isn't the greatest of ideas), and happily insalled remotelyanywher on it, giving him access to more important and better defended machines. Admittedly, he spent a lot of time on this, but there's an awful lot of obsessive people out there with far too much time on their hands.The real question to my mind is why a nuclear superpower such as the USA would have insecure operational systems on the web anyway. If Mckinnon could do it, I'd hate to think the sorts of things that go unnoticed, because you can be sure that 'un-friendly' countries are employing far clever people than mckinnon to have a go at us systems.
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.