Anti-U.S. Hackers Infiltrate Army Servers - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Government // Cybersecurity

Anti-U.S. Hackers Infiltrate Army Servers

Exclusive: Defense Department investigators subpoena records from Google, Microsoft, and Yahoo in connection with ongoing probe.

A known computer hacking clan with anti-American leanings has successfully broken into at least two sensitive Web servers maintained by the U.S. Army, InformationWeek has learned exclusively.

Department of Defense and other investigators are currently probing the breaches, which have not been publicly disclosed.

The hackers, who collectively go by the name "m0sted" and are based in Turkey, penetrated servers at the Army's McAlester Ammunition Plant in McAlester, Okla., and at the U.S. Army Corps of Engineers' Transatlantic Center in Winchester, Va.

The breach at the McAlester munitions plant occurred on Jan. 26, according to records of the investigation obtained by InformationWeek. On that date, Web users attempting to access the plant's site were redirected to a Web page that featured a protest against climate change.

On Sept. 19, 2007, the same hackers electronically broke into Army Corps of Engineers' servers. That hack sent Web users to www.m0sted.net. The page, at the time, contained anti-American and anti-Israeli rhetoric and images, records show. It currently appears to be an Internet landing spot that features airline reservation links.

Beyond the redirects, it's not clear whether the group was able to obtain sensitive information from the Army's servers.

The hacks are the subject of an ongoing criminal investigation by Defense Department officials and members of the U.S. Army's Judge Advocate General's Office and Computer Emergency Response Team. Investigators have executed records search warrants against Microsoft, Yahoo, Google, and other Internet service and e-mail providers as part of their efforts to unmask the hackers' true identities.

Investigators believe the hackers used a technique called SQL injection to exploit a security vulnerability in Microsoft's SQL Server database to gain entry to the Web servers. "m0sted" is known to have carried out similar attacks on a number of other Web sites in the past -- including against a site maintained by Internet security company Kaspersky Lab.

The hacks are troubling in that they appear to have rendered useless supposedly sophisticated Defense Department tools and procedures designed to prevent such breaches. The department and its branches spend millions of dollars each year on pricey security and antivirus software and employ legions of experts to deploy and manage the tools.

Equally troubling is the fact that the hacks appear to have originated outside the United States. Turkey is known to harbor significant elements of the al-Qaida network. It was not clear if "m0sted" has links to the terrorist group.

Defense Department officials did not immediately return calls seeking comment on the case.

InformationWeek Analytics has published an independent analysis on what executives really think about security. Download the report here (registration required).

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

News
Becoming a Self-Taught Cybersecurity Pro
Jessica Davis, Senior Editor, Enterprise Apps,  6/9/2021
News
Ancestry's DevOps Strategy to Control Its CI/CD Pipeline
Joao-Pierre S. Ruth, Senior Writer,  6/4/2021
Slideshows
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Slideshows
Flash Poll