March 14th, 2002, 12:19 PM
Mapping The CIA Nonclassified Network
The Full story can be found here .
I found this interesting an insight into how Networks can be mapped without every probing or portscanning.
A London-based Internet security and risk consulting firm last week published the results of a two-day study that highlights in surprising detail the CIA's primary points of presence on the public Internet.
Using open, legal sources of information and without conducting any illegal port scanning or intrusive network probes, Matta Security Ltd. produced a detailed map of nonclassified CIA networks, including several that aren't readily available to the public. Matta's study also uncovered the names, e-mail addresses and telephone numbers of more than three dozen CIA network administrators and other officials.
A CIA spokeswoman cast doubt on the significance of the report, stating that there are many IT professionals within the agency who are "overt" employees and need to have Internet access.
However, some security experts, although vague about the specific nature of potential vulnerabilities such information could be used to exploit, noted the possible threat from determined adversaries who might be able to use the information to obtain more sensitive or secret information or for other forms of attack planning.
"The points of presence all seem to be overt CIA links, and the names are of overt employees who seem to be either system managers or points of reference for billing purposes," said Vince Cannistraro, former chief of counterintelligence at the CIA, who reviewed the report. "It doesn't tell you anything about the clandestine side of CIA networks over which classified information flows and which has no public points of presence. But perhaps these are good starting points for less-scrupulous elements to begin cyberattacks."
A Foot in the Door
Richard Hunter, an analyst at Stamford, Conn.-based Gartner Inc. and a former National Security Agency analyst, cited the report as an example of the threat that open information can pose to any organization, including intelligence agencies.
"Simply knowing the names and e-mail addresses that Matta turned up would be enough for some social engineers to get the rest of the information necessary to mount an attack," said Hunter, referring to hackers who break into networks using information obtained from legitimate users or public sources.
"The fact that this information was gathered through a search on Google.com, which is hardly considered by most people to be a hacker's tool, is especially interesting," he noted. "The network map is rudimentary, but it gives an attacker some idea of where to look first."
And that was the whole point of the study, said Chris McNab, the report's primary author.
"We wanted to draw attention to the risks of publicly available data that could be mined by determined attackers when targeting large organizations," said McNab. "Through issuing simple search engine requests, combined with [network interface card] and [Domain Name System] querying, we were able to build good pictures of the CIA's primary Internet presence, without ever port-scanning or probing their networks directly."
Steven Aftergood, a defense and intelligence analyst at the Federation of American Scientists in Washington, said he wasn't shocked by the results of the study.
"Any server that is connected to the Internet will always leave certain footprints," said Aftergood. "It would be a stretch to call them vulnerabilities. On the other hand, the CIA may be unhappy about this effort because it reveals more than the agency wants the public to know."
March 14th, 2002, 12:48 PM
don´t underestimate the power of google
Dear Santa, I liked the mp3 player I got but next christmas I want a SA-7 surface to air missile
March 14th, 2002, 01:22 PM
It often seems to be the case that lots of information government agencies want to keep unknown to the general public are in fact easy and perfectly legal to access.
Remember the NSA Employee Manual? Anyone could call NSA and request a copy of it.
\"The purpose of abstraction is not to be vague, but to create a new semantic level in which one can be absolutely precise.\"
- Edsger Dijkstra
March 14th, 2002, 01:23 PM
The only downside to that company is that it is the same company that had to post about their abilities in every single forum on AO ... matta ... damn spammers
"To estimate the time it takes to do a task, estimate the time you think it should take, multiply by two, and change the unit of measure to the next highest unit. Thus we allocate two days for a one-hour task." -- Westheimer's Rule
March 14th, 2002, 04:47 PM
yesh, nearly forgot about that, dastardly spammers
[glowpurple]manually editing your config files can break them. If this happens, you get to keep both pieces. [/glowpurple]
March 14th, 2002, 04:58 PM
I'm not impressed. Anyone can claim anything. For all we know they got all of their information by way of social engineering. I'm a bit skeptical about the capabilites of a company that behaves in that manner.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
March 14th, 2002, 08:21 PM
SPAM SUCKS. that is all I have to say.
oh-and that company should be disolved.
Computers make sense people
March 15th, 2002, 10:34 PM
I don't think that a lot of companies understand the whole Spam backlash thing. I'm sure most of them view sending out Spam as a no lose situation.
Its not software piracy. I’m just making multiple off site backups.
March 16th, 2002, 01:00 AM
The company must be using this for propaganda. Why would they attempt to map the CIA network anyways, to much time on their hands? LOL
March 16th, 2002, 01:01 AM
hmm i read this article last night... interesting really... i guess now no one believes in the Closed Network BS...