Russian Hackers Steal Top US Weapons Secrets
By Matthew Campbell
AMERICAN officials believe Russia may have stolen some of the nation's most sensitive military secrets, including weapons guidance systems and naval intelligence codes, in a concerted espionage offensive that investigators have called operation Moonlight Maze.
The intelligence heist, which could cause damage to America in excess of that caused by Chinese espionage in nuclear laboratories, involved computer hacking over the past six months.
This was so sophisticated and well co-ordinated that security experts trying to build ramparts against further incursions believe America may be losing the world's first "cyber war".
Investigators suspect Russia is behind the series of "hits" against American computer systems since January. In one case, a technician trying to track a computer intruder watched in amazement as a secret document from a naval facility was "hijacked" to Moscow from under his nose.
American experts have long warned of a "digital Pearl Harbor" in which an enemy exploits America's reliance on computer technology to steal secrets or spread chaos as effectively as any attack using missiles and bombs.
In a secret briefing on Moonlight Maze, John Hamre, the deputy defence secretary, told a congressional committee: "We are in the middle of a cyber war."
Besides military computer systems, private research and development institutes have been plundered in the same operation. Such institutes are reluctant to discuss losses, which experts claim may amount to hundreds of millions of dollars.
"We're no longer dealing with a world of disgruntled teenagers," said a White House official, referring to previous cases of computer hacking in which pranksters have been found responsible for incursions. "It is impossible to overstate the seriousness of this problem. The president is very concerned about it."
The offensive began early this year, when a startling new method of hacking into American computer systems was detected. A military computer server near San Antonio, Texas, was "probed" for several days by hackers who had entered the system through an overseas site on the internet.
Dozens of infiltrations ensued at other military facilities and even at the Pentagon in Washington. When research laboratories also reported incursions using the internet technique, officials realised that a "cyber invasion" was under way.
"There were deliberate and highly co-ordinated attacks occurring in our defence department systems that appeared to be coming from one country," said Curt Weldon, chairman of a congressional committee for military research and development. "Such a thing has never happened before. It's very real and very alarming."
Even top secret military installations whose expertise is intelligence security have been breached. At the Space and Naval Warfare Systems Command (Spawar), a unit in San Diego, California, that specialises in safeguarding naval intelligence codes, Ron Broersma, an engineer, was alerted to the problem when a computer print job took an unusually long time.
To his amazement, monitoring tools showed that the file had been removed from the printing queue and transmitted to an internet server in Moscow before being sent back to San Diego. "It turned out to be a real tough problem for us," he told a private computer seminar last month.
It is not clear precisely what information was contained in the stolen document. Beyond its role in naval intelligence, Spawar is also responsible for providing electronic security systems for the Marine Corps and federal agencies. It is suspected that several other intrusions had gone undetected.
Oleg Kalugin, a former head of Soviet counterintelligence now resident in Maryland, said such facilities were prime targets for Russian intelligence. He said the Federal Agency for Government Communications and Information, a former KGB unit that specialises in electronic eavesdropping, was certain to be exploiting the internet for spying on America. "That's what they're good at," he said.
America's high-precision technologies, including weapons guidance systems, are of particular interest to a country such as Russia where economic woes have prompted crippling cutbacks in funding for military research. "Russia is quite good at producing technology but can't afford to finance the research," said Kalugin. "It's easier to steal it."
The computer assaults have given fresh impetus to measures ordered by Clinton more than a year ago to protect the country's electronic infrastructure. Alerted to the threat of Moonlight Maze, the president has called for an extra $600m to help fund a variety of initiatives, including an infrastructure protection centre in the FBI to gauge the vulnerability of computer systems to attack.
He has ordered the military to develop its own information warfare capabilities to respond to such attacks. But Weldon, describing dependence on computer systems as "the Achilles heel of developed nations", said this is not enough. He is advocating the creation of a unit in the Pentagon under a senior commander to oversee the defence of computer systems.
According to other experts, America has been so preoccupied with beating the Y2K (year 2000) or millennium bug - a programming problem that could paralyse computers on the first stroke of the new year - that its military, scientific and commercial communities have neglected the overall security of their computer systems.
At the same time, the huge number of systems being overhauled to make them Y2K-compliant has heightened the risk of infiltration.
Alarmed by the theft of military documents whisked to Russia, American officials argue that the country should brace itself for other, equally disturbing forms of information warfare that, in theory, could bring the country to its knees.
China, Libya and Iraq are developing information warfare capabilities and, according to one White House official, "we see well-funded terrorist groups that also have such capabilities".
A series of war games conducted by experts last year revealed that the world's greatest superpower could be at the mercy of a handful of determined computer hackers paralysing airports, markets and military systems with a few taps on a computer laptop.
Suspicions that Russia is responsible are based partly on the involvement of Moscow-based internet servers in some attacks. But experts caution that evidence of a Russian hand in the operation may not signal a Kremlin connection.
"It could turn out to be Russian organised crime," said one expert. "And they could be acting as a front for the intelligence community."
Ironically, the Russians are pressing for an international treaty to freeze information warfare. "We cannot permit the emergence of a fundamentally new area of international confrontation," Sergei Ivanov, the former Russian foreign minister, wrote in a letter to Kofi Annan, the United Nations secretary-general, in October.
Subsequently, Russia's relations with America have reached their lowest ebb since the cold war because of Nato's intervention in Yugoslavia. Relations with China have also suffered. An offensive in cyberspace may be their one way of retaliating without getting into a shooting war.