Custom Page

Read Me First System Security ***PC Security ***Watchdog/Paranoia ***Active Response ***Insecure Education ***Designing Weapons Security ***Terrorist Article Intelligence ***Public Secrets ***Relating Trivia Tech Transfer ***Mining Technology ***Tech Links The Future of Aggression Community Archeology Resume/Experiences Clients ***Part D Slides Thoughts

 PATRIOTIC TERRORISM IS DESTROYING INFORMATION SECURITY STRATEGIES
published by Defence Magazine, London, UK

Trusted employees believing that they are acting in the best interests of American society are
exchanging information to prove their patriotism and loyalty outside the corporation.  The
resultant insecurity leads to the disruption and destruction of national and corporate resources.
Patriotic Terrorism (PT) is an intended misuse of security resources and practices designed
to release intelligence or do damage as a statement of self professed patriotic freedom
fighting in an objection to policy.  Social engineers develop software, computers and networks
as aggressive weapons.  They develop Information Warfare (INFOWAR), a new concept for
war-fighting.

Research about the INTERNET and select Bulletin Board Systems (BBS)  coupled with
studies of computer security aberrations allow hackers to explain weaknesses in information
management strategies.  Correlation of BBS captures explains intrusion mechanisms and
intelligence gathering techniques that are unnoticed by National Security and Corporate
bureaucracies.  Hackers duplicate secure R&D using information collected while roaming
cyberspace.  In place of watching "soap operas" for amusement, one needs only log-on to
certain BBS to read Agency E-mail or traverse Usenet.  Laws are not broken by browsing.
The information has been placed in a public domain by disgruntled employees.  Using
"warrantee logging software" collected from software manufacturers, hackers can create a
virtual node that captures and hands off information to the cuckold true node.  The virtual node
copies information for later analysis and misuse by anyone.  Kevin Mitnick, a notorious hacker,
proved this approach practical before he let himself get caught.  Confession is a profitable
motive to reformed hackers.

Sobczak warned the FBI about an INTERNET worm emanating from MIT's Artificial
Intelligence Laboratory.  Robert T. Morris was convicted of shutting down the INTERNET.
Morris' friends were talking before he acted.  The FBI ignores all warnings.  The FBI's
sensitive computer security crime laboratory at Quantico had been opened to all by social
engineering hackers.  Children of trusted FBI computer crime employees invited hacker friends
to the annual 4th of July Picnic.  The reader should review the weaknesses explained here
against personal experiences.  Insiders, usually on ego trips, help outsiders to purloin and
destroy data that security managers think is secure.

NSA documents, created in the Director's office (Adm. Studeman) were leaked into the public
domain by disgruntled NSA employees.  Sobczak supplied copies to the Director's aide,
LCDR. Vaurio.  Morris related INTERNET worm code and correspondence, including draft
letters prepared for the Secretaries of Defense and Commerce by NSA officials, were
available.  Attempts to get someone to act on data leaks in DOD and the Intelligence
Community go nowhere.  No person can know secrets from ultra-high security sources.  Not!

Hackers have created open source intelligence techniques designed to find secure technology
located in public sources.  Secrets made available by PTs appear in the video and print news
media six to eight months after they appear in cyberspace.  In the early 1980's Sobczak was
a participant in the USAF Integrated Computer Aided Manufacturing (ICAM) automation effort.
He used freely given ICAM Manufacturing Science products as tools to collect and structure
information.  He created data warehouses before the term became popular.  He found that
hackers create and apply information methods to "pan for technological gold" in the streams
created by free speech coupled with network connectivity.

Without specifically looking for national security topics, a savvy reader will find technology and
intelligence on BBS and the INTERNET that he might term "interesting reading" or "strange
things." (CIA Code words for secrets) Select any topic and request other INTERNET users
to capture data about it for you.  Years of experience points' hobbyist collectors to areas of
national security and military technology.  A wise researcher uses proxies to accomplish
human intelligence so that monitors never put his MO at risk.  Hackers have frustrated
intelligence contractors by contacting them directly, as a lark, to identify suborned "key"
players.  While planning to market his PT research to the US Army Intelligence Command
(AIC) at Fort Huachuca, AZ, Sobczak found five Intelligence Projects and their contractors.
His telephone calls to the contractors, telling of their insecurity, drew outright disbelief and
annoyance.  Hughes, GTE Government Systems in two locations, Paramax, PRC, SAIC,
IAFSTC and DIA/DTI have been identified through leaks within the AIC hierarchy.  Defense
Intelligence Agency (DIA) is the ultimate source of funds for Army Intelligence.  The agency
had Mr. Young as Program Manager for the Army Foreign Science & Technology Center
programs, ie, data gathering using an innocuous name.

DOD's  databases, when sorted, identify, Patriotic Terrorism (PT).  PT originates as
combinations of comments on BBS and in opinions concerning Administration or Corporate
policies that trigger anti-everything comments in BBS and USENET Special Interest Groups.
As Ms. Lee, ASD (Reserve Affairs) spoke of expanded use of reserves, individuals in the
reserves with access to plans discussed means to forestall the use of reserve units or certain
weapon systems in active duty assignments. 

Hackers unobtrusively collect thousands of lines of "how to do it" text and software code.
SATAN, a program originated within the programming shop at Silicon Graphics was monitored
from its earliest alpha testing.  Before identifying Satan, hackers concocted intrusion tools
created via an integration of "FH" (I'm just a Fuck'n Hacker) and "Wargaming."  IBM's key
word in context (KWIC) logic linked intrusion software to find and track programs that evidence
a potential to be secret.

Unorthodox data mining technologists are introducing home-grown policy to address the threat
posed by unfettered disclosure of secrets.   Because of the nature of the information collected,
hackers have and will continue to share data.  Secure data, thus shared, is put at risk.

Info Specialists need research in the technology of hacking to understand and suborn hackers.
The wise student studies computer interdiction from the view point of the hacker, cracker,
phreaker and information spy.  Individuals who provide secrets or define the means to destroy
equipment are for the most part trusted DOD/Agency staff members' and/or contractor
personnel or children who share information Daddy worked-on at home. 

PT occurs when individuals show their objection to policy by releasing knowledge not normally
available to the public or by initiating damage to equipment and/or facilities.  As the US
attempted to plant a computer virus in printers destined for use with Iraqi equipment, the US
Army suffered software reengineering by the Fort Sill virus.  No one suspected internal
subversion.  Millions of lines of reuseable code are flawed.

The individual describing and providing drawings of the screw noise cataloging system portion
of the UNISYS Deep Submergence Project frequents at a Long Island Comedy Club.  422
open nodes at Northrup-Grumman Corporation on Long Island and in Virginia, some affecting
JSTARS, are published by 2600 magazine.  Security monitors have regularly ignored the
potential loss of MCM technologies at ARPA.  Someone, using his social life as a weapon,
tried to suborn the Director. (All examples are more than five years old.)

Hacker scientists have created means to track individuals seeking to buy or trade for secure
military research and development technologies, or individuals who post their agency secrets
for all to read.  Hackers have learned how easily an intruder might damage equipment and
application systems (Word Macro virus is a good example).  In the civilian world this process
is dignified using the term "competitive intelligence."  Sobczak successfully identified attempts
to define and copy the design and manufacturing processes associated with the Sterling
Engine used by the US Navy Submarine Service (Newsweek, May 4, 1992).  Based on media
reports this stolen technology is now in use by the Russian Northern Fleet.  It was collected
and sold by a Swedish company

Sobczak PT research allowed the Department of the Navy and the Naval Investigative Service
to be told about the theft and distribution of Level of Repair scenarios for the F-14C/D and F-
18A/B Carrier-based aircraft avionics.  Computer models were resident on a Bulletin Board
System in Warsaw, Poland.  We advised Naval Electronic Security Command, New
Hampshire Avenue NW Laboratory of hobbyist experimenters ability to disrupt the micro chips
necessary to the flight stabilization of the Seahawk Helicopter and its US Army variant
Blackhawk. (Security Intelligence Report, July 26, 1993).  Sobczak found attempts to sabotage
the Video Display Unit snapback mechanism on board the SOCOM MC-130H to cause
operator failure.  He provided his research to USAF/SAM/RSD and to Major Gus Taylor at
Special Operations Command (SOCOM), McDill AFB.  BBS provides an equivalent array of
commercial technology for collection and misuse. 
 
American Technologies valued in billions of dollars are given away each year.  These losses
trouble national security.  (Sobczak quoted in TIME March 1995).  Foreign intelligence
services use talkative Americans as foils to provide trade and other secrets.  Inquisitive
Americans are manipulating and evading capture on thousands of DOD computers.  In many
cases' employees have authority to attain that which they steal.  Intrusions into Defense
computers have proven this regularly.  Hackers use DOD security policy against itself.

White hat hackers (Good Guys) are defining and documenting methods to recognize
unauthorized interest in state-of-the-art technologies.  Basic tasks involve defining the
psychology of individuals who trade upon secrets from the workplace.  As witnessed by
previous paragraphs, thousands of insecure comments and actions emanate from trusted
individuals as objection to official policy.  At the NSC level, politics makes it practical to leak
information for advantage.  At the field soldier level, frustration and ego cause costly losses.
Sobczak soothed the wounded ego of an AF Colonel and found the SAC (now STRATCOM)
mission planning computers.  The supposed inaccessible device has accessible telephone ties
to a downtown Omaha, USAF office.

Further study is  identifying the psychological characteristics of individuals who give or trade
data, technologies and secrets.  They accomplish thieft in an objection to policy of which they
disapprove.  Intruder characteristics and indexed sources/repositories designate trigger
mechanisms that cause data loss via free speech on unsecured devices, or, attempts at
destruction by self professed Patriots and world corporate citizens.

Collected information does not violate current privacy laws or any Executive Order.  It readily
identifies the source of  data  to the immediate work area of an individual employee of the
Department or Contractor.  Hacker scientists do not wish to violate any individual's first
amendment rights but find it necessary to understand how frustrated individuals function.
Hackers are monitoring the US Army/CSC Intelligent Agent program and  other agencies'
intelligence gathering software.  These methods and experience allow identification of
seemingly unrelated key words substituted by those hiding purloined secrets in public
repositories.

Hackers are establishing and ranking classes of aggressive mechanisms and the data most
easily accessible to or distributed by trusted employees.  This Sobczak created baseline
defines stimuli that trigger PT's to act.  No one is acknowledging patriotic terrorist caused
insecurity. 

Individuals, in the employ of Federal Law Enforcement/Security Agencies are likely to be
convicted computer felons given parole in return for using illegal methods against their peers.
Resourceful peers recognize this trap and use the trap against sponsoring Agencies.  PT's are
not stupid people.  They suborned the Los Alamos National Laboratory (LANL) "Hacker
Project" conducted by Ted Handle for Col. John Alexander.  Hackers fed  collectors incorrect
information that cost the Army-sponsored program millions in unnecessary research
investment.  Individuals spoofing LANL recognized John Alexander as Col. Alexander, an
enemy of their community.  It is consequently that INFOWAR technology is failing.  Lazy
scientists accept garbage as valid hackers postings.

The record shows government and corporate information channels are open to anyone who
seeks to browse or diddle.  In 1994 more than 180,000 intrusions occurred.  This equates to
nearly 500 intrusions daily across 28,000 locations.  About 9,000 intrusions affected
computers and networks thought to be impenetrable.  Ninety-nine percent went unreported
to higher authority.  There are ten times as many hobbyists positioned to effect sabotage than
there are hackers.  Security managers should be worried about this insider threat.

Sobczak published reports explaining that distributing and acquiring sensitive data and
information is occurring under the sponsorship of unknown individuals, corporations, and
foreign nations (Conservative Review 1994).  Spies and saboteurs use human engineering
techniques to find data and information about technologies and weakness.  They market
purloined information as competitive products.  Some sell knowledge to suborn or destroy C3I
systems.  Others track and harass enemies, former marital partners, or those they feel
insulted them for whatever reason.  The evolution of available technology has changed and
enhanced the tools by which industrial and other spies accomplish ELINT, SIGINT, RINT,
COMINT and HUMINT goals. 

Continuing research has cataloged major threats to activities within the federal government.
"Black" government is losing secrets and technological equipment plans in ways unanticipated
by in-house security strategists.  Information sources are part-time PTs or "wannabees"
functioning in the public domain.  One needs only to uncover them to be privy to national
secrets targeted for destruction by yet to be defined means.  The sample provided below
reached Sobczak before they cut the orders at the Pentagon.

**************************************************************************************************************************************************************************
Date:          Wed, 15 Feb 1995 11:36:07 U
Reply-to:      Military Hysterics
Subject:       Reflagging Army Divisions

I just saw this note from the Pentagon (date-time group 102324Z Feb 95)  The Chief of Staff of the Army announced the names of the divisions that will
be retained on active duty  . . .
     The 2nd Armored Division (Ft Hood) will be redesignated the 4th Infantry Division (Mech).
     The 24th Infantry Division (Mech) at Ft Stewart will be redesignated the 3rd Infantry Division (Mech).
     The 3rd Infantry Division (Mech) in Germany will be designated the 1st Infantry Division (Mech).
     The 1st Brigade, 6th Infantry Division (Light) in Alaska will retain its designation but will be aligned with the 10th Mountain Division in New York.
     The 1st Brigade, 7th Infantry Division (Light) at Ft Lewis, sometimes  called the 9th Infantry Regiment (Manchus), will be redesignated the 1st Brigade,
25th Infantry Division (Light)...

     The Center for Military History developed a quantitative ranking scheme among the 12 divisions currently active, awarding 1 point for each year in
service, 2 points for each campaign streamer, and 2 points for each U.S. unit decoration.  The divisions were then rank-ordered by category (Light,
Airborne, Heavy)...
                        Joe Hacker
                        JHACK@pentagon.mil
 *********************************************************************************************************
Information spies using commercially available listening devices regularly poll the entrances
to the Pentagon.  Smokers discussing current development of a low observable naval war
vessel stand on the River Entrance stairs.  Comments concerning contractors and technical
options are carryovers from meetings held in secure conference space.  Anti-smoking
regulations are hazardous to national security.

Similar occurrences take place at Wright Patterson AFB in area "B."  Individuals along the
John Glenn Highway have line of sight to a smoking area outside the Strat SPO.  This is at
the rear of Building 52 near several large microwave receivers.  Discussions here deal with
the non-nuclear B-2 bomber. Discussions are primarily extensions of meetings about SERDs.

Sobczak monitors repetitive occurrences of PT activities.  The Interests Ltd. publication
SECURITY INTELLIGENCE REPORT has published these disturbing results.  The study of
PT requires care so as not to cause PT's embarrassment.  Uneasiness causes' PT's to go
underground, disconnect from on-line, and/or dump data offshore, all detrimental to national
security.  PTs use data as chaff to mislead and/or evade identification.

No topic can be hidden if an individual exercises logic, common sense and tenacity in
extracting information from the vast universe of participants using INTERNET and BBS or from
foreign proxies known to those who seek knowledge designated secure.  What proved most
interesting was polling to detect if other individuals were extracting secrets from PT's either
knowingly or by accident.  They are.  Several consulates in New York City maintain
intelligence gatherers posing as commercial representatives.  They poll the INTERNET.
These people attend meetings and seminars, join technical societies and clubs, and trade
equipment and software for secrets.  The number of individuals who freely exchange
information allows novice collectors with sufficient disposable income or with a well-funded
sponsor to create automated transmission, tracking and reception facilities necessary for illicit
data collection and distribution.  Many military personnel, particularly reservists, have these
resources at their disposal while on duty.  Ego and self interest drives them to become PTs
out of boredom.

Hackers copy satellite downlinks at will in Staten Island, NY (Merrill Lynch Teleport).  Fiber
links between CITIBANK in New York City and a back office in Queens, NY.  They also
monitor other Financial Market facilities from Long Island City, Queens, NY.  Ten blocks away
from the fibre links, microwave transmissions to the United Nations and NYPD vehicles are
monitored.  The disk antennas on the roof of a factory across form the United Nations
compound are marked US Army. 

Pins are randomly copied on the Long Island Expressway at the Mid-town Tunnel and sold to
drug dealers at the expense of AT&T and its competitors.  Hobbyist experimenters have
reprogrammed and later misused electronic telephone switches (ESS-5 and above).  New
York City, Washington, D.C., Pittsburgh, and Los Angeles have fallen victim to problems,
described as accidents to calm a trusting populous.  Hobbyist technologies and resultant
aggressive systems readily surpass commercial and military  equivalents. 

Hacker encryption technology outstrips that available to Federal scientists.  This is the result
of PTs sharing to the detriment of national policy.  If you surf the INTERNET you will find
detailed "how-to-spoof" explanations at INTERNET nodes ranging from http://www.att.com
(written by Mr. Morris) to several xxxx.mil locations.  Mike Higgins (DISA-CERT) staffers are
said to brag about their successes sufficiently to identify places to be avoided by professional
PT's.

The National Intelligence Program and defense research and development are at risk to those
who consider peace a license to act destructively.  Technologies that required millions of
dollars of investment in research and development are lost to those who object to them and
misuse them.

PT research provides both indicators and a taxonomy for continuing risk and loss assessment.
The methods PTs use are non-traditional alternate strategies for gathering HUMINT
information.  Security agencies should integrate PT research results into strategies that shape
positive security.  Is your best worker an inadvertent spy?  How tough is your security
strategy?