Computer Security:

Hackers Penetrate DOD Computer Systems

T-IMTEC-92-5: Published: Nov 20, 1991. Publicly Released: Nov 20, 1991.

Additional Materials:

Contact:

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

GAO discussed the intrusions of Dutch hackers into Department of Defense (DOD) unclassified, sensitive computer systems during Operation Desert Storm/Shield. GAO noted that: (1) computer hackers from the Netherlands penetrated 34 DOD sites attached to Internet, an unclassified network composed of smaller networks nationwide and overseas, between April 1990 and May 1991; (2) the hackers had access to unclassified, sensitive information regarding military personnel, logistics, and weapons systems development data, which can be highly sensitive during times of international conflict; (3) the hackers generally gained access to the DOD computer systems by weaving their way on Internet through university, government, and commercial systems; (4) the most common weaknesses hackers exploited to gain access into military sites were accounts with easily guessed passwords, well-known security holes in computer operating systems, and vendor-supplied accounts; (5) the majority of the hackers' activities were aimed at modifying the system to obtain system administrator privileges and to create new privileged accounts and establish methods for later entry; and (6) in most cases a university, contractor, or DOD official notified system administrators of an intrusion which prompted them to either secure their system or temporarily leave the vulnerability open to determine the intruder's identity. GAO believes that: (1) security weaknesses that permitted the intrusions highlight inadequate DOD attention to computer security; and (2) poor password management, failure to maintain audit trails, and inadequate computer security training all contributed to the intrusions.

Sep 18, 2014

Sep 16, 2014

Sep 8, 2014

Jul 17, 2014

Jun 25, 2014

May 30, 2014

Apr 17, 2014

Apr 2, 2014

Jan 28, 2014

Jan 8, 2014

Looking for more? Browse all our products here