Hackers attack on Pentagon hacks and Google Maps

I have this nosy but absent-minded Uncle. He likes to paw through my emails, peruse my web history, and tap my phones. But when it comes to protecting his own, more important secrets, he's mostly clueless.

Case in point: When alleged Chinese Hackers broke into the Pentagon's email system last June, 07 Secretary of Defense Robert Gates sloughed it off as no big deal – nothing to see here, happens every day, please move along. Now it turns out that the hack was a wee bit more serious than Gates let on. GovernmentExecutive.com quotes Dennis Clem, CIO for the office of the defense secretary, talking about the hack at a federal tech conference last week:

"This was a very bad day," said Clem during a panel discussion at the Information Processing Interagency Conference Tuesday. The breach continues to pose a threat, he added. "We don't know when they'll use the information they stole, processes and procedures that will be valuable to adversaries."

And here's how they did it, per Federal Computer Week:

The hackers took advantage of a known Microsoft software vulnerability and sent spoof e-mail messages with the names of staff in Clem’s division. When the messages were opened, the code sent back the user names and passwords, which allowed access to the network. In follow-up forensics, Clem discovered that the hackers accessed sensitive information, which they encrypted as they transmitted it back to their sites.

So the Pentagon gets 0wned via what sounds like an ordinary spear phishing attack, and we're supposed to trust our government to sift all our email, decide which ones are from the terrorists, and leave the rest of us alone. In related news: The Pentagon has asked Google to pull images of US military installations from the "Street View" feature in Google Maps, and Google has complied. Apparently the images showed enough info on how to get in and out of each base to worry the commanders. Got it.

Keywords: Hacking, Virus Threads, Phishing, Google Maps, Pentagon