Hacking dossier exposes US military embarrassment

The British courts have seen details of numerous embarrassing intrusions by hackers into some of the US military's most sensitive systems.

The extraordinary list of violated military agencies is detailed in a document published exclusively by Computer Weekly today, a Crown Prosecution Service review of US evidence against Gary McKinnon, the UFO hacker.

McKinnon's lawyers used the CPS' 'Review Note 3' to support their argument in the High Court that US evidence against McKinnon is too weak to secure a prosecution in this country and unlikely even to uphold allegations against McKinnon in the US.

The document nevertheless demonstrates how vulnerable US military computer systems were to attack before and after 11 September 2001.

Easy access

The document describes how Remotely Anywhere, a remote access PC tool, was installed on systems belonging to the United States Army Intelligence Center's Battle Lab Fort Benning in the early months of 2002, when the US military was on high alert.

This is the site where the US military tested its Future Combat System of computer-networked infantry, which hooked into an HQ battlefield intelligence system designed to give US soldiers the edge in combat. Intruders copied files from Battle Lab's computers, said the report.

Between 28 December 2001 and 5 January 2002, systems belonging to the Patuxent River Naval Warfare Aircraft Division were broken into, according to the document. 8,000 military scientists conduct research and development at Patuxent into manned and unmanned aircraft systems.

This spring, the US military admitted the Joint Strike Fighter Program Office in Pearl Harbour had been hacked. The JSF is being developed jointly with the UK as a replacement for numerous warcraft, including the Harrier Jump Jet. It was thought the hacks went back only as far as 2007. But US military intelligence was aware of hacks into JSFPO systems in 2002, the document reveals.

The CPS document also details hacks on the US Army Information Systems Command Pentagon, the US military HQ's IT department. From this hub, another 2,500 military computers were scanned prior to 7 February 2002.

The department had been criticised for a loss of focus after reorganisation. Other military IT departments were also hacked. Systems belonging to the 311th Theatre Signal Command, which runs military communications in the theatre of war, were used to scan other computers on two occasions before 3 March 2002, one of which involved a scan of 92 machines.

The accused

The US has accused Gary McKinnon of accessing these systems, and copying, altering and deleting files from these and other US military systems. But the UK's public prosecutor said the US did not have enough evidence to bring him to trial.

Much of the evidence brought by the US government against McKinnon also records intrusions into systems belonging to the premier intelligence units of the US military. Whether or not McKinnon performed these hacks, and whether or not the US can prove that he did, the dossier of hacks lists yet further embarrassments for the US.

It claims that hackers installed Remotely Anywhere on machines belonging to US 902nd Military Intelligence, a counter-intelligence unit at Fort Meade, Maryland, prior to 6 March 2002. The 902nd is charged with staying one step ahead of digital foes.

Other intelligence services that the US admits were hacked with Remotely Anywhere include the HQ Command Air Force Special Activities Center at Fort Belvoir, which is part of the Air Force Intelligence Service (AFIS), and the US Army Criminal Investigation Command in Washington. Intruders actually managed to delete files, says the report.

Hackers also broke into the US Army Land Information Warfare Activity (LIWA), which tries to get battlefield dominance by "protecting, managing and exploiting...information and information systems".

US Republican security chief Curt Weldon told Congress in May 2002, three months after McKinnon's arrest, that the US military's $38bn technology budget included funds to ensure the LIWA's Information Dominant Center monitored all classified military systems 24 hours a day, seven days a week. LIWA's Computer Emergency Response Team had also been hacked.

McKinnon's hacking activities were discovered almost a year before, after intrusions into Weapons Station Earle in Washington, the US Navy Supervisor of Shipbuilding and various NASA and related civilian systems such as one belonging to Computer Sciences Corporation. The attack on Earle was deemed so serious that the Command Centre had to be closed for a week.

Read the Crown Prosecution Service analysis of the evidence against McKinnon here.