Saturday, November 08, 2008

CNN Reports Chinese Hackers Cracked Pentagon

CNN just had a big report about how Chinese hackers cracked the Pentagon network, but not the "top secret" network. There was some questioning about why President Bush was not responding. There is also a question as to whether these Chinese hackers are acting on behalf of themselves, the Chinese government, or someone else. It is probably not good to make assumptions until the facts are known.

The point is - our networks and computer infrastructure are not secure. One of the reasons they are not secure is that we are using computer components with software drivers made in foreign countries. Software drivers are a good place to hide rogue code because they run at a very low level, where it would be difficult to track down and verify security problems in the code.

For example, I'm not exactly sure how the software for a network card works, but network information from the remote location probably passes through the network card drivers on the PC before getting into the operating system. What are the chances that network card software is altering the IP addresses that are being displayed as the remote computer from which the traffic is coming?

I have no idea if that is the case, but I would think it is possible. I would also think that if a computer could be compromised, one of the many people Microsoft employs who potentially worked on network-related software could figure out how to swap out key code on a machine and/or cause an alternate class to be called to handle network traffic differently than Microsoft has intended.

How many people really understand the network software at this low level? Probably most of the people who understand it best are the non-US citizens employed by all of the top corporations in the US when they ship in people from Infosys while laying off US citizens who have years of experience and have completed successful projects for them that save them a lot of money (not that I have any personal experience with this or anything...).

It is sad, but we must also consider the possibility that US citizens (in a very tough economy created by all this job outsourcing) have compromised systems for external third parties. So it is not safe to just trust US citizens either.

The issue here is: Audit Everything.