Iran inside US Navy Unclassified Intranet System for Four Months


It took the Navy longer than previously reported to remove Iranian hackers from the Navy and Marine Corps Intranet (NMCI). According to the Wall Street Journal, the hackers had access to the system last year for four months.

The hackers were able to gain access via a hole in a public-facing website and conducted surveillance on the intranet, though a senior official told the WSJ that no emails were hacked and no data was extracted.

The NMCI is the largest enterprise network in the world and second only to the internet itself in size. It handles about 70% of the Department of the Navy’s IT needs. It encompasses more than 360,000 computers and 4,100 servers connected together in over 600 locations.

The sheer size of this network makes it very difficult to secure. IT specialists have to make sure everything is kept updated and all security issues are dealt with on the hundreds of thousands of systems.

Attackers just need to find one opening to exploit.

Then once someone does gain access into a network of this size, it can take a long time for security specialists to analyze what was touched, what was compromised and what, if any, backdoors were left.

Though the system is the Navy’s unclassified network, the fact that Iran was able to gain access to this military intranet is very concerning.

“It was a real big deal, it was a significant penetration that showed a weakness in the system,” a senior official told the WSJ.

Also of interest to this story: just five days after the breach was initially disclosed last year, an Iranian cyber commander was apparently assassinated.

Iranian Cyber Commander Mojtaba Ahmadi’s body was found in a remote area near Karaj. Initial police reports stated that he was shot by two men on a motorbike.

An eyewitness reported that there were “two bullet wounds on his body”, and that “The extent of his injuries indicated that he had been assassinated from a close range with a pistol”.

This style of attack seems to be very similar to a tactic used by Israeli secret agents.

Though it has not been proved that Israel was involved, and Iranian officials later denied that Ahmadi was assassinated, one thing seems true: physical responses to cyber attacks seem to be on the table.

And, you don’t mess with the United States Marine Corps!


Israeli Cyber Defense Interview

Cyber defense war room [Illustrative] Photo: Reuters and Marc Israel Sellem

Not sure if anyone has seen this yet, but Al-Monitor/Israel Pulse has a great interview with two members of the Israeli Defense Force Cyber Security Team.

In the article, “IDF Hackers Test Israeli Preparedness For Cyberattacks”, Lt. Col. M. and Capt. A. discuss what it is like being on Israel’s crack team of cyber ninjas. They cover several key topics, including thoughts on current threats and the current hot-button topic, NSA spying.

Lt. Col. M. and Capt. A. lead opposing teams in red team drills. They practice constantly to hone and perfect their skills, but also teach and train those under them to think outside the box in cyber security.

How will the IDF cyber team deal with increasingly sophisticated attacks from Islamic countries and are they concerned about NSA espionage practices?

“Our job is to monitor the goings-on and keep track of the technological developments, and we need to know what the threats and risks in cyberspace are. In any event, to protect strategic assets, encryption systems that we develop ourselves in-house, rather than off-the-shelf products, are customarily used,” said Lt. Col. M.

The best hackers and security teams create their own programs and work on developing their own exploits. But where would the IDF look to find exploits or weaknesses?

“Security holes can be found anywhere. The point of hacking is to find the system vulnerability and leverage it to undermine the entire system,” says Lt. Col. M.

“The best way to break into a system is not by running head-on into it. Rather, the most sophisticated attacks, the ones that you can brag about, are those that take advantage of a hidden security hole,” added Capt. A.

It is a very good article and well worth the read as it offers a glance into the security mindset of our Middle East allies.

Check it out!

CyberPatriot V Semi-finals Today

The CyberPatriot Phase V Semi-Finals are today!

CyberPatriot is a great program designed by the Air Force Association (AFA) and sponsored by Northrop Grumman and many tech industry leaders with the goal to get high school kids involved with the field of cyber defense, and to build interest in technology fields.

The competition is open to all high schools, Civil Air Patrol Units, JROTC, US Naval Sea Cadet Corps Units and accredited home school programs. Check the CyberPatriot webpage for information on how you can get your school involved!

Majority of Indian Army Cyber Breaches from Pen Drives and PowerPoint

General Bikram Singh

Though Chinese and Pakistani hackers are a constant threat to India’s sensitive military information, restricting the use of pen drives and PowerPoint presentations is the key to preventing the cyber invasion against India, according to Chief of Army Staff General Bikram Singh.

Analysis of Indian cyber breaches has shown that over 70 percent have been caused by the use of USB pen drives. General Singh has also ordered that all sensitive war plan meetings be done paperless and that PowerPoint use is to be restricted.

The Indian military believes that doing this along with the standing practice of limiting military information leaked to social media sites will help keep the cyber invasion in check.

Last year the Indian army ordered all of its troops to remove their pictures and any military affiliation from social networking sites. This is a very good move, and one that I wish the United States would do with our troops. Social engineering hackers are scanning these sites looking for military personnel to target.

I have seen military personnel post way too much military identifying information on their personal sites. This even includes members of our military cyber teams. And terrorist groups like the Taliban have been known to pose as attractive women on social media sites to try to lure information out of allied soldiers.