
Let's talk history

I was reading a history book the other day and it inspired me to write something historical here. OK, maybe I was watching the History Channel. Actually it was FX playing “The Patriot” with Mel Gibson, but you get the idea.

Either way, I was inspired to write a blog entry about what I believe is the first time the government used a hack to cause significant damage to infrastructure. In 2004, Thomas Reed, a retired senior national security official, told the story of a KGB agent who was discovered to have infiltrated the CIA. He was stealing all kinds of data and new technology from everywhere in the country. The CIA then had two options:

1) the nice way (pick him up, torture him a bit, do some mind-control experiment on him or something)
2) what I like to call the “you stole my toys and now I’m going to kill your parents and burn your house down” way.

The CIA chose option 2. In all fairness we were in a “war” with them, a very COLD war if you will. The Soviets were messing with us in similar ways, so they did sort of have it coming. Anyway, here’s what the CIA did. Instead of letting on that they knew they had a spy, they started giving him opportunities to steal more and more new technologies, but they would modify them ever so slightly. For example, they’d let him steal a chip (computer chip, not Fritos) that could be used by the Soviets, but every few million cycles it would just start to act funny. It might start delivering false signals, or use different logic rules.

The peak of this project was when they allowed the KGB to steal perfectly functional software with a few lines of code modified. The program was more efficient than currently available software for running pipelines and conducting pipeline tests. Everything ran fine for a few months and then:

Pictured above: pwnage

It exploded.

The few lines of code told the pipeline to run pressure tests at ridiculous pressures after a few months.
As far as I can tell, this is the first significant hacking incident causing serious infrastructure damage run by a government. History is cool.

In conclusion, don’t F_ _ _ with the CIA, or they will punch you in the face. Really hard.

Actual IMINT collected by the CIA
