Romanian police have arrested a man believed to be TinKode, the notorious hacker responsible for several daring, high-profile cyberattacks, including last year’s breach of NASA’s servers, Royal Navy, The European Space Agency and MySQL.com. The 20-year-old man, named as Razvan Manole Cernaianu, allegedly attacked Pentagon and NASA computer systems, revealed security holes, and published information about SQL injection vulnerabilities he had discovered, the Romanian Directorate for Investigating Organized Crime and Terrorist (DIICOT) said in a press release.
He also posted a video on his blog demonstrating an attack he carried out against the U.S. government, and created and offered for sale a computer program used to hack Web sites. Through his exploits, Cernaianu blocked access to systems and seriously disabled their proper functioning, authorities said.
Currently, Cernăianu is being taken to Bucharest for questioning and he is charged with breaching a computing system without authorization, unauthorized transfer of data from a computing system, and the disruption of a computing system. Romanian authorities said the FBI and NASA took part in the investigation.
(AP) WASHINGTON – The Pentagon on Thursday revealed that in the spring it suffered one of its largest losses ever of sensitive data in a cyberattack by a foreign government. It is a dramatic example of why the military is pursuing a new strategy emphasizing deeper defenses of its computer networks, collaboration with private industry and new steps to stop “malicious insiders.”
William Lynn, the deputy secretary of defense, said in a speech outlining the strategy that 24,000 files containing Pentagon data were stolen from a defense industry computer network in a single intrusion in March. He offered no details about what was taken but said the Pentagon believes the attacker was a foreign government. He didn’t say which nation.
“We have a pretty good idea” who did it, Lynn said in an interview before the speech. He would not elaborate.
Read the full Defense Department strategy (pdf)
ZDNet’s Larry Dignan on the security breach
Many cyberattacks in the past have been blamed on China or Russia. One of the Pentagon’s fears is that eventually a terrorist group, with less at stake than a foreign government, will acquire the ability to not only penetrate U.S. computer networks to steal data but to attack them in ways that damage U.S. defenses or even cause deaths.
The Pentagon has long worried about the vulnerability of its computer systems. The concern has grown as the military becomes more dependent not only on its own computers but also on those of its defense contractors, including providers of the fuel, electricity and other resources that keep the military operating globally.
Lynn said intrusions in the last few years have compromised some of the Pentagon’s most sensitive systems, including surveillance technologies and satellite communications systems. Penetrations of defense industry networks have targeted a wide swath of military hardware, including missile tracking systems and drone aircraft, he said.