Question About Hackers

Why do we always hear about (the possibility of?) hackers breaking into sensitive pentagon weapons computers (and other top-secret government systems)? Is it possible to access a computer that is unconnected to the internet? If not, why not just put all sensitive information on computers that do not have such connections?

The information is next to useless if it can’t be accessed. Sure, you could have a computer storing the info that was only connected to dedicated terminals, but that would really limit who could access the data and what could be done with it.

Even if the computer is not connected to the internet someone can find a way to get to it and access the information so to be even safer I say the information should just be totally destroyed so no one can access it.

sailor: Even if the computer is not connected to the internet someone can find a way to get to it and access the information…

Sure! All you need to do is get your sexy female friend to sneak into the complex in disguise and drug the guy who usually uses the computer (while putting a small homing device on him) so that he gets sick and has to puke his guts out. While he is doing that, you sneak through the ventillation shaft and lower yourself down into the room that the computer is in, after raising the temperature to 98.6 degrees so that your body heat doesn’t trip the alarm system (of course :rolleyes: ). Then, you just get the info you want - no worry - because your gruff, bald friend in the van outside can tell if the computer user is coming back from the bathroom, thanks to the homing device!

Oh… don’t leave your pocket knife behind.

If the computer is not connected to the outside world in any way (most sensitive info is stored this way – called stand-alone), there is no way to access the information without being at the machine.
Just because a machine isn’t connected to the internet doesn’t mean that it’s not connected to the world. It might have a modem, which can be dialed up. It might be connected to a network (LAN) that is connected to some other computer that is has a modem. some moron might have connected his laptop to the same network and the internet, thus bridging the gap.
But generaly speaking, the best way to protect your info is to not connect to anything, not a LAN, not the Internet, not a BBS, nothing. If you do, you are vulnerable–so the Pentagon doesn’t (as a rule) do those sort of things with computers that contain sensitive information, or are connected to one that does.

Most computers that hackers hack and get press have to be connected to the Internet or a network of some kind. NASA seems to be a goal of a few I knew and know and from what I hear, its relatively easy.

Then you got your holy grails, some that may be pretty impossible to check out but have to be hooked up to some sort of network or Internet like design because they encompass the entire country.

Pentagon (lvl 3 and higher)
NORAD
Eastern and Western Power Grids (State and Nationals)
Terminal Grids for Airports TRACON as a example

These pretty much have to be due to the havoc that could be caused if a root access fell into the hands of someone like Iraq (bad) or China (worse)

That is just US versions, then you have Business networks. Microsoft is a big one (though the sensitive data is on stand alones without networks as the saying goes) IBM too.
A majority of those hacks reported on the news are very loosely termed “cracks” (remember crackers are the bad guys, hackers are the ones just seeing if they can do it) Often its is someone found a backdoor somewhere that someone mindlessly left open and exploited it then got caught or someone using a script (script kiddie-otherwise known as “the monkey pushes the button”) to crack into a Database or the like.

Of course, what is scary is that some of the best hackers and crackers may never be caught due to their tenacity of not being a loudmouth braggarts like some many script kiddies are today. Those are the ones that you may either root for or fear.

Hacker: A talented computer or electronics enthusiest with a passion for solving problems in exciting and interesting ways.

Cracker: Moron with little skill who breaks into computer systems (99% of the stuff you hear about on the news takes very little skill; these people are Crackers.)

Here’s the Jargon file entries on hacker and cracker

Thank you!

I couldn’t find the jargon file fast enough. The media has defined “hacker” as bad, when it’s actually the positive connotation - the “crackers” are the bad ones.

Well, those and the “script kiddies”…

So then, the risks that the press portray about the possibility of hackers breaking into sensitive material is about less than the top-top secret stuff. I always had the impression that the stuff was only protected by super-duper-looper anti-hacking software, which raised ocasional worries about its effectiveness. What you (and Heath Doolin) are saying is that this is simply not true. Thanks.

I know it is only fiction, but Tom Clancy wrote a book about Japanese terrorists who use a computer virus to crash the Stock Market. In his story, they had to bribe a stooge to upload the virus during a mainframe software upgrade, that being the only way to access the computers.

Some things may be used to better protect the system (firewalls, encryption and other such things)

Some use it, some don’t. A perfect example of this is the Los Alamos incident. Basically the guy just copied some real top shelf stuff on nuclear secrets simply by logging into the computer and copying it. This should have been under some heavy security but was easily surpassed with the right person with the right credentials.

Not all cracking needs to be from some far off computer. Think in terms of this. Person A needs to get said protected document from computer B which is firewalled, encrypted, etc etc. He can try braking the wall and decrypting it if he has the next 1000 years or he can
A) Go low level, hack into a monkeys computer that has limited access to said computer B and spoof it into believing his is said monkey, thereby giving him access. That supasses said firewall and can give him access to certain tools to decrypt data(possibly)
B)Set himself up as a dummy employee with access and work the ladder, creating a persona within the system with email requirements, shell access, etc. He can then sit back and wait for the inevitable announcements of such things as password changes, maintenance schedules, shutdowns, security upgrades, etc etc. This is best demonstrated by a Bank of England fiasco a few years back where a complete inventory on all access to their mainframe yielded at least 4 shell accounts for people that did not exist, yet had some major league access to bank statements and transfer access.

These are but two ways you can crack a computer system without trying to “break down” the front door. Low level cracking and insider information selling (ex. employee grabs password txts of other ppl on network and sells it) can and will become a bane on security.

Don’t take my word for it, log on and sniff around. You would be surprised how much is out there.

http://www.fas.org/irp/program/disseminate/intelink.htm

I used to be on this network - and it was NOT connected in any way to the internet (at least not at my command - can’t vouch for ALL organizations), tho it was a world-wide net in its own right.