WASHINGTON -- A major effort to pierce US government and private-sector computer networks seems to have originated in Russia, a top US law-enforcement officer told Congress Wednesday.
Lifting the veil on an investigation he said had been under way for more than a year, Michael Vatis of the Federal Bureau of Investigation said intruders had stolen "unclassified but still-sensitive information about essentially defense technical research matters."
"About the furthest I can go is to say the intrusions appear to originate in Russia," said Vatis, who heads the FBI-led National Infrastructure Protection Center (NIPC), a bulwark against threats to the electronic lifelines of US society.
The investigation, code-named Moonlight Maze, involved the NIPC and other federal agencies as well as international counterparts, Vatis told the Senate Judiciary Subcommittee on Technology and Terrorism.
He said investigators were trying to get to the bottom of "a series of widespread intrusions, into Defense Department, other federal government agencies, and private-sector computer networks."
Vatis did not immediately spell out whether the intrusions were continuing or who might be behind them in Russia. In an interview with Reuters last week, he had declined to comment on the case, as had other federal officials.
Newsweek magazine, in its issue dated 20 September, reported that the Moonlight Maze suspects were "crack cyberspooks from the Russian Academy of Sciences, a government-supported organization that interacts with Russia's top military labs."
Citing intelligence sources familiar with the case, Newsweek said the haul could include classified US naval codes and information on missile-guidance systems.
Susan Hansen, a Pentagon spokeswoman, said the Defense Department knew of no classified information that had been jeopardized in the Moonlight Maze intrusions.
Vatis made his comments in reply to a question from panel chairman Jon Kyl, Republican of Arizona, who invoked the frequently cited danger of an "electronic Pearl Harbor" akin to the Japanese surprise attack that brought the United States into World War II.
Although key US networks have escaped "serious harm" so far, "our luck is likely to run out unless we take aggressive steps to tighten these gaps," Kyl said.
Vatis linked the greatest potential national-security threat to "information warfare," the ability to launch viruses and other cyber weapons against the bits and bytes that glue modern life.
Targeted would be what US foes perceive as "America's Achilles Heel -- our reliance on information technology to control critical government and private-sector systems," he said.
He said foreign intelligence services had begun using cyber tools for information gathering and espionage.
Disclosing a case dubbed "the Cuckoo's Egg," Vatis said from 1986 to 1989 a ring of West German "hackers" had sold stolen passwords, programs, and other data to the old Soviet KGB spy service after the ring pierced military, scientific, and industry computers in the United States, Western Europe, and Japan.
"Significantly, this was over a decade ago -- ancient history in Internet years," Vatis said, adding that the FBI's caseload for computer hacking and network-intrusion cases had doubled for each of the last two years, with more than 800 cases pending.
Copyright 1999 Reuters Limited.
