MOD Hacked

Discussion in 'Current Affairs, News and Analysis' started by Mr_Fingerz, May 3, 2012.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. Mr_Fingerz

    Mr_Fingerz LE Book Reviewer

  2. Wordsmith

    Wordsmith LE Book Reviewer

    I work for a major software company. Although I'm not a developer, as one of the requirements of my job I have to do a 'secure coding practices' course every couple of years. Although I don't understand all of it, it has given me a degree of insight into the level of technical skill required to hack more secure systems. Here is one of the simpler techniques: SQL Injection.

    SQL injection - Wikipedia, the free encyclopedia

    Assuming no one in the MOD has done anything as stupid as leaving default passwords in place or using passwords like Pa$$word or Passw0rd, you shouldn't be able to get into the more secure parts of the MOD without a lot of technical knowledge and a lot of patience.

    Although, if I were in charge of intelligence for a hostile power, finding a world class hacker and paying him by results would be a good use of my budget...

  3. It'll be Charlie Chang & the Weetabix gang.
  4. Is the 'top secret' bit journalistic hyperbole? I can't actually see a direct quote that a TS system has been successfully attacked.
  5. Surely he meant hocked not hacked. As in MOD is hocked up to the ****ing eyeballs.
  6. it was a DDOS not a 'hack'. obv. using the correct terminology and description of such is beyond even the Guardian's hacks!

    edit. wrong organisation. i was thinking of the SOCA thing earlier today
  7. I don't know why anyone would want to hack into the MoD's computers, given that it is so easy to hack into the networks run by the companies who supply their kit: step forward BAE Systems, for example.
  8. You would think they'd have more sense, wouldn't you?

    I know of at least two or three of our comms systems with some of the most common default passwords in the world left in place. I wouldn't be so confident about the rest being any more secure.
  9. I'm not too sure about setting out to reward people for hacking you. Isn't that a bit like saying 'Here, come break into my gaff and show how it isn't secure and I'll give you twenty quid'?

    IMO this encourages people to hack and surely the less people hacking into and viewing MoD files that aren't meant to be viewed, the better?
  10. One could argue that they are very clever, no one expect anyone to be that stupid, so they would never try them!
  11. they are out there doing it anyway and that way you have the smelly toerag showing your technical people how he did it rather than finding out later.
    like OH **** THE INTERNET IS HERE.
  12. Ummmm, that could explain why DII was working very well the other day :cool:

  13. Passwords? What, surely everyone knows you need secure passwords these days. Step forwards one large motor company, who use the format

    admin user ID:
    admin password:

    can you spell "Doh!"
  14. I dont know if the MOD needs "kids on the steets". Maybe they need to worry about smartphones and tablets a tad more, as attack vectors.