What should the military services and DoD do about hacking official networks?

LTC Ed Ross — Tue, 09 Jun 2015 12:04:29 -0400

Response by Capt Seid Waddell made Jun 9 at 2015 12:06 PM

Capt Seid Waddell — Tue, 09 Jun 2015 12:06:44 -0400

Clearly they should prosecute where possible, and they should retaliate against those not within our legal grasp.

Response by SSgt Private RallyPoint Member made Jun 9 at 2015 12:07 PM

SSgt Private RallyPoint Member — Tue, 09 Jun 2015 12:07:48 -0400

I had to choose the best option. There will always be the threat of an attack getting through because tech is constantly getting better. Cyber security is a cat and mouse game. You build your security, & they keep at it until they crack it, making you build better security.

Response by SFC Christopher Perry made Jun 9 at 2015 12:08 PM

SFC Christopher Perry — Tue, 09 Jun 2015 12:08:09 -0400

We must have better hackers than do our enemies.

Response by SSG Private RallyPoint Member made Jun 9 at 2015 12:13 PM

SSG Private RallyPoint Member — Tue, 09 Jun 2015 12:13:13 -0400

Something. Anything. Too often now we're guilty of just excusing foreign countries' actions because we're afraid to offend them. We have almost zero respect from the rest of the world because they know we won't really do anything. We're an embarrassment. I'm stationed in Italy. I've been to a few other countries. We really don't have a good reputation with much of anyone. Mostly because they don't respect us. We don't stand up for ourselves anymore. Do something.

Response by SSG Roger Ayscue made Jun 9 at 2015 12:20 PM

SSG Roger Ayscue — Tue, 09 Jun 2015 12:20:35 -0400

No Mercy

Response by Maj Chris Nelson made Jun 9 at 2015 12:23 PM

Maj Chris Nelson — Tue, 09 Jun 2015 12:23:08 -0400

This is a difficult issue. For every program or system that comes out, you have people actively looking for weakness or flaws. For every DoD system that is built, there are going to be individuals, organizations, and 'states' that are going to try breaking into the system. I am sure that we are doing the same to others (so we should expect no less). Everyone on a mil/DoD network is already supposed to have a secure password....but some of the software programs that are out there trying to HACK a password are pretty powerful.

Response by SSG Roger Ayscue made Jun 9 at 2015 12:29 PM

SSG Roger Ayscue — Tue, 09 Jun 2015 12:29:59 -0400

Fight fire with fire. We (the United States) invented the technology, we should fight hacks with offensive software that literally explodes the offenders systems. Something that tracks back on their system and fries it.

Response by SGM Private RallyPoint Member made Jun 9 at 2015 12:39 PM

SGM Private RallyPoint Member — Tue, 09 Jun 2015 12:39:27 -0400

Spend more money on protecting servers, not software.

Response by SrA Edward Vong made Jun 9 at 2015 12:40 PM

SrA Edward Vong — Tue, 09 Jun 2015 12:40:43 -0400

All of the above.

Response by MAJ Robert (Bob) Petrarca made Jun 9 at 2015 12:44 PM

MAJ Robert (Bob) Petrarca — Tue, 09 Jun 2015 12:44:14 -0400

I think we need better trace software so we can ID who is doing what and where the originating IP is. Once they are traced and identified then we can take these ass clowns to court. Before that though, I think we need some international laws with teeth so that when hackers are caught infiltrating a country - not just government or military - any country has legal ground to prosecute the offenders.

Many systems already require adequate password standards in addition to biometrics, CAC cards and other access control protocols. Having a secure password is like gun control laws, the criminals will still find a way to get what they want without one.

Response by SGM Mikel Dawson made Jun 9 at 2015 1:07 PM

SGM Mikel Dawson — Tue, 09 Jun 2015 13:07:22 -0400

Evolution - We'll never get to the point of total security because of the way cyber war is. Like other say, cat and mouse game. Doing the best we can is all we can do. But we as individuals can also help by what and how we post on line What we say and such. Changing our passwords and such. This is no different than many of us who go into a store or cafe, look around for avenues of approach, escape, assessing those around us, spotting dangers. We have to in sense keep our cyber backs to the wall and scan our lanes.

Response by MSG Brad Sand made Jun 9 at 2015 1:13 PM

MSG Brad Sand — Tue, 09 Jun 2015 13:13:57 -0400

While it is going to happen, nature of the beast, as the military we should be proactive and attack, or at least counter-attack, I think we can do more damage to them than the can to us.

Response by LTC Bink Romanick made Jun 9 at 2015 1:40 PM

LTC Bink Romanick — Tue, 09 Jun 2015 13:40:10 -0400

We had better do something, the Chinese have 8 regiments of hackers and they're actively probing our networks and training their N. Korean buddies to do the same.

We'd better come up with a defense and soonest.

Response by SSG Private RallyPoint Member made Jun 9 at 2015 1:47 PM

SSG Private RallyPoint Member — Tue, 09 Jun 2015 13:47:48 -0400

Honestly, we could secure our military network so that no foreign nation could hack it (at least not from the comfort of their own borders) but doing so would be insanely expensive, resource and time intensive, and be damn near worthless as a tool and service to the military as a whole. I would say the most realistic option is to do what we're attempting to do now. Recruit and train the best technical minds we can find and implement them from the top down. The problem with most of DoD's networks is that not enough true security professionals are advising decision makers. And even in the cases where they are advising leadership, leadership tends to not listen. Add onto that the budget cuts and things get even more difficult.

Response by SGT Private RallyPoint Member made Jun 9 at 2015 1:52 PM

SGT Private RallyPoint Member — Tue, 09 Jun 2015 13:52:16 -0400

The best option is paying China to hack for us rather than against us. Hell, every other U.S. business is outsourcing.

Response by LTC Jason Mackay made Jun 9 at 2015 2:08 PM

LTC Jason Mackay — Tue, 09 Jun 2015 14:08:01 -0400

Would really like to see Direct Action Raids against hackers, especially where host governments are unwilling or unable to deter them. Would also like to see financial action taken against their backers and benefactors. Nothing says punitive quite like dudes with beards fast roping into a Hacker's (Mom's Basement) house, snatching him up in flex cuffs, exploiting all their stuff.

I am on a .mil network with a CAC, how would a strong password do anything more? Strength of password is at direct odds with ass-pain of entering it correctly, remembering it, and relative anemia of it against a key stroke stealing virus.

Response by CW5 Private RallyPoint Member made Jun 9 at 2015 2:53 PM

CW5 Private RallyPoint Member — Tue, 09 Jun 2015 14:53:26 -0400

Perhaps we should realize that the US invented the internet and give the CIC buttons to turn it off in places that take efforts to attack us. We have the smarts to construct the thing, we should have the ability to craft the routing tables.

It may have diplomatic, economic and political fall-outs but it would definitely send a message if used conservatively.

Response by CH (COL) Geoff Bailey made Jun 9 at 2015 3:05 PM

CH (COL) Geoff Bailey — Tue, 09 Jun 2015 15:05:51 -0400

LTC Yinon Weiss , all of the above options.

Response by SGM Steve Wettstein made Jun 9 at 2015 3:38 PM

SGM Steve Wettstein — Tue, 09 Jun 2015 15:38:07 -0400

IMO they need to cough up the money and get the very best IT people to defend against attacks.

Response by SGT John Wesley made Jun 9 at 2015 5:10 PM

SGT John Wesley — Tue, 09 Jun 2015 17:10:14 -0400

I say we go to the source and screw up their networks!

Cyberwars are a reality, and we best get our sh*t together, before they hit our infrastructure via networks.

If that happens, we've only got ourselves to blame.

Computers were created in America, by Americans, and yet some third world weenie can circumvent our security protocols? Our guys must be dense!

Response by CPT Arch Nissel made Jun 9 at 2015 5:59 PM

CPT Arch Nissel — Tue, 09 Jun 2015 17:59:58 -0400

There has to be some fear of retribution to stop an action.

Response by PO1 John Miller made Jun 9 at 2015 6:12 PM

PO1 John Miller — Tue, 09 Jun 2015 18:12:44 -0400

Until we completely disable Internet surfing, except for .mil and .gov websites, there's always going to be a risk no matter how stringent measures we take.

A plausible start though would be to let those charged with the cyber security of our networks actually do their jobs, and give better training to the systems and network administrators.

Response by TSgt David L. made Jun 9 at 2015 7:32 PM

TSgt David L. — Tue, 09 Jun 2015 19:32:29 -0400

Simple: They send a worm, we send a Tomahawk Cruise Missile. You send a virus, we send a Delta team to F you up.
Shouldn't take long for the word to spread around.

Response by SGT Nathan Huff made Jun 9 at 2015 10:08 PM

SGT Nathan Huff — Tue, 09 Jun 2015 22:08:08 -0400

Also get up to date equipment. My computer at home that was two years old was newer than the computers in our units

Response by SGT James Hastings made Jun 10 at 2015 3:01 PM

SGT James Hastings — Wed, 10 Jun 2015 15:01:51 -0400

DOD has created a nightmare for Federal employees using their network as it is and yet they don't seem able to figure out a security system that will stop hackers. We seem to be able to identify where they are hacking from. Maybe we should deploy drones to attack them? Just a humorous thought.

Response by MSG John Wirts made Jun 10 at 2015 4:24 PM

MSG John Wirts — Wed, 10 Jun 2015 16:24:47 -0400

Search out and identify hackers, if they are internal remove their user ID and passwords form the systems, charge them and try them, if guilty give them an other than honorable discharge with forfeiture of pay and allowances and reduction to E-2. If the hacker is a U.S. citizen and is disrupting systems or destroying or misusing data, they should be confined without computer or smartphone access, tried for their unlawful activity. If found guilty, they should be incarcerated with no computer, or smartphone access for duration of their sentence.
If the hacker originates their activity from outside the U. S., and is a private citizen,diplomatic discussions should start to contain this activity. If it is initiated by foreign government agencies including their military, locate the source of the hacking, and take immediate action. Either warn the nation to cease and desist, or if necessary destroy the hacker sites.

Response by SFC James Massey made Jun 10 at 2015 5:03 PM

SFC James Massey — Wed, 10 Jun 2015 17:03:59 -0400

If caught, charge them with some type of treason. Also, our computer guru's should embed a Trojan horse or other type virus, that when hacked erases the hackers hard drive. If not the hard drive at least make the information he gets unusable.

Response by Sgt Peter Lara made Jun 11 at 2015 9:20 AM

Sgt Peter Lara — Thu, 11 Jun 2015 09:20:10 -0400

Computer hackers are the new breed of criminals that can negatively affect a whole mass of people from the comfort of their garage/living room/office...with a few key strokes. As a society, can we really consider their criminal activities any less disruptive or less violent, given the effect they can have on an ordinary person' life.

Why not treat them as we do bank robbers since many tend to go after our savings and our identities and worse. Anyone who has been the victim of identity theft will tell you of the horrendous ordeal they had or are still going through simply trying to get on with their lives.

Give them prison terms commensurate with their crime.

Response by LTC John Shaw made Jun 11 at 2015 9:46 AM

LTC John Shaw — Thu, 11 Jun 2015 09:46:09 -0400

We need to combine network, physical and intelligence attacks. If someone hacks us we spike your network, kick in your door and all your connected friends doors. We don't have any cross org like this but we need to get there soon.

Response by SSG Donald Mceuen made Jun 11 at 2015 10:00 AM

SSG Donald Mceuen — Thu, 11 Jun 2015 10:00:47 -0400

I don't know if we can do much about them getting in but there should be a way
for us to find them and destroy there interstruction. Remove there funding by any
way needed.

Response by SGT David Carson II made Jun 12 at 2015 6:14 PM

SGT David Carson II — Fri, 12 Jun 2015 18:14:30 -0400

Fight hackers with hackers. Anonymous could do the job, and they'll accept payment in bitcoins.