Contractor admits hackers stole U.S. satellite software
By Robert Lemos

Special to CNET News.com
March 2, 2001, 4:15 p.m. PT
http://news.cnet.com/news/0-1003-200-5006606.html?tag=prntfr

Exigent International, a U.S. government contractor, acknowledged Friday
that one or more cyberthieves broke into a restricted
federal computer system and stole the company's proprietary code for
controlling satellite systems.

The theft, which took place in December, became public Friday after it
became known that law enforcement had searched the
servers of a Swedish software consulting company for evidence of the crime.

"Because one of our government customers was a target of this cybercrime, we
are working closely with them, as well as
domestic law enforcement and international organizations to remedy the
breach in security," B.R. Smedley, CEO of Exigent,
said in a statement.

Exigent's software, known as OS/COMET, allows ground-control personnel to
communicate and send commands to satellites
and rockets. The Melbourne, Fla.-based company stated that the source code
of the version that had been stolen was "older,"
not the newest version released last April.

Swedish law enforcement searched the servers of software consultant
Carbonide on Feb. 6 on suspicion that a hacker used
the company's Freebox Web e-mail service to distribute the source code to
others, said Erik Wickbom, CEO of Stockholm,
Sweden-based Carbonide.

"We didn't know it was there, and we didn't know it was source code," he
told CNET News.com on Friday. Although the search
occurred nearly a month ago, it did not become public until Friday.

After the four-hour search, the team of Swedish law enforcement and FBI
computer experts left with copies of the evidence.

"Immediately after, we deleted the source code," Wickbom said.

The stolen source code is a fragment of the complete application. Wickbom
said that's because law enforcement officials
could fit the data on a single floppy disk, about 1.44MB of space.

Although the hacker used the name "Leeif" on the system, Wickbom said, the
account was stolen. Wickbom added that the
trail points to a German university as the source of the intrusion into the
Freebox network but that a skilled attacker could
easily have broken in from elsewhere.

"He knew what he was doing, absolutely," Wickbom said.

Wickbom did not name the German school, but Exigent filed a suit against
both Carbonide and the University of Kaiserlautern
in Germany on Jan. 19 in connection with the case.

The U.S. Air Force has plans to use the OS/COMET software to control the
NAVSTAR Global Positioning System from its
Colorado Springs Monitor Station, which is part of the Air Force Space
Command, according to a December press release
from the software's creator, Exigent Software Technology, a subsidiary of
Exigent International. Exigent valued the deal at $2.7
million.

Although Exigent did not name the government customer, a Reuters report
indicated that the source code had been stolen
from the U.S. Naval Research Laboratory in Washington, D.C., on Dec. 24. The
military detected the intrusion three days later.

In reaction to the theft, Exigent said, it requested that the government
system run a "lock-up" procedure.

The FBI would not comment on the theft or the investigation.

************************************************************************************
Distributed through Cyber-Society-Live [CSL]: CSL is a moderated discussion
list made up of people who are interested in the interdisciplinary academic
study of Cyber Society in all its manifestations.To join the list please visit:
http://www.jiscmail.ac.uk/lists/cyber-society-live.html
*************************************************************************************