Anonymous ID: 32d9ad re-drop April 6, 2018, 2:09 p.m. No.924278   🗄️.is 🔗kun   >>4680

>>924179

 

Captain Michael Sare (U.S. Navy, Ret.)

 

Bio

 

Capt. Michael Sare retired from the U.S. Navy in 1998 after a 26-year career in both surface warfare and Navy cryptologic (later retitled cyber warfare) assignments. His last military assignment was at the National Security Agency, Information Systems Security Directorate, where he served as DoD Red Team leader for JCS exercise “Eligible Receiver 97” and as military chief of staff in the Defensive Information Operations office.

 

A native of Chicago, Ill., Michael was commissioned an Ensign, United States Navy, in 1972. His surface warfare assignments included USS KING (DLG-10) during a Vietnam War deployment and USS JOUETT (DLG-29/CG29). In 1978, his request for lateral transfer into restricted line (cryptology) was approved.

 

As a Navy cryptologic officer, Michael served at Naval Security Group Activity (NSGA) Misawa, Japan; on the U.S. Atlantic Fleet staff; as the first Navy cryptologist on the Cruiser-Destroyer Group Eight staff, deploying for Operation “Urgent Fury” in Grenada, Multinational Peacekeeping Operations off Beirut, and drug enforcement operations in the southern Caribbean; as NSGA Edzell, Scotland Operations Officer; and as director for requirements, programs and budget and as deputy comptroller at the headquarters, Naval Security Group command.

 

While attending National Defense University National War College (NWC) in 1992, he was promoted to the rank of Captain (O6). Concurrent with assignment at NWC, Michael completed a Master of Science degree in computer systems management from University of Maryland University College. Michael was then ordered to the U.S. Pacific Command, where he established the Cryptologic Division (J28). In 1996, he was assigned to the National Security Agency, Information Systems Security Directorate.

 

Following his Navy retirement in 1998, Michael worked as a district manager within AT&T Government Markets, National Information Systems, in Columbia, Md. He served as the leader of the Cyber Defense Tools Development (CDTD) Program Management Office (PMO) until he left AT&T in 2002.

 

Capt. Sare is married to Cdr. Jeremie Sare (U.S. Navy, Ret.), also a Navy cryptologic officer. They reside in New Mexico where Michael does cyber security awareness presentations to the local community, volunteers at the Albuquerque VA Hospital, and has taken up acting in the film industry.

Anonymous ID: 32d9ad http://www.slate.com/articles/technology/future_tense/2016/03/inside_the_nsa_s_shockingly_successful April 6, 2018, 2:16 p.m. No.924421   🗄️.is 🔗kun   >>4631

 

On June 9, 1997, 25 officials of the National Security Agency—members of a security squad known as the “Red Team”—hacked into the computer networks of the Department of Defense, using only commercially available equipment and soft­ware. It was the first high-level exercise testing whether the U.S. military’s leaders, facilities, and global combatant commands were prepared for a cyber attack. And the outcome was alarming.

 

The simulated hack was the brainchild of the NSA director, Lt. Gen. Kenneth Minihan, who, before coming to the agency, had been commander of the Air Force Information Warfare Center in San Antonio, Texas. The center’s tech crews had been detecting frequent hackings of U.S. military computer networks, and had come up with ways to counter them—but few senior officers took notice or cared.

 

Each year, the Pentagon’s Joint Staff held an exercise called Eligi­ble Receiver—a simulation or war game designed to highlight some threat or opportunity on the horizon. Minihan wanted the next exercise to test the vulnerability of the U.S. military’s networks to a cyber attack. The most dramatic way to do this, he proposed, was to launch a real attack on those networks. He’d heard about small-scale exercises of this sort, against battalions or air wings of the Army or Air Force. In these war games, he’d been told, the hackers always succeeded. The NSA Red Team was part of the Information Assurance Directorate, the defensive side of the agency, stationed in FANEX, a drab brick building out near Friendship Airport, a 20-minute drive from NSA headquarters at Fort Meade, Maryland. During its most sensitive drills, the Red Team worked out of a chamber called the Pit, which was so secret that few people at NSA knew it ex­isted, and even they couldn’t enter without first passing through two combination-locked doors. In its workaday duties, the Red Team probed for vulnerabilities in new hardware or software that had been designed for the Defense Department, sometimes for the NSA itself. These systems had to clear a high bar to be deemed secure enough for government purchase and installation. The Red Team’s job was to test that bar.

 

It took Minihan a year of jumping through the Pentagon bureaucracy’s hoops to get permission to hold the exercise. In particular, the gen­eral counsel needed convincing that it was legal to hack into military computers, even as part of an exercise to test their security. NSA lawyers pointed to a document called National Security Directive 42, signed by President George H. W. Bush in 1990, which expressly allowed such tests, as long as the secretary of defense gave written consent. Secretary William Perry signed the agreement form.

 

 

The lawyers placed just one restriction on the exercise: The NSA hackers couldn’t attack American networks with any of their top secret gear; they could use only commercially available equipment and software.

 

On Feb. 16, 1997, Gen. John Shalikashvili, the chairman of the Joint Chiefs of Staff, issued Instruction 3510.01, “No-Notice Interoperability Exercise Program,” authorizing and de­scribing the scenario for Eligible Receiver.

 

The game laid out a three-phase scenario. In the first, North Korean and Iranian hackers (played by the NSA Red Team) would launch a coordinated attack on the critical infrastructures, especially the power grids and 911 emergency communication lines, of eight American cities—Los Angeles, Chicago, Detroit, Norfolk, St. Louis, Colorado Springs, Tampa, Fayetteville—and the island of Oahu, in Hawaii. (This phase was played as a tabletop game, premised on recent analyses of how easy it might be to disrupt the grid and overload the 911 lines.) The purpose of the attack, in the game’s scenario, was to pressure American political leaders into lifting sanctions that they’d recently imposed on the two countries.

 

 

In the second part of the game, the hackers would launch a massive attack on the military’s telephone, fax, and computer networks—first in U.S. Pacific Command, then in the Pentagon and other Defense Department facilities. The stated purpose was to disrupt America’s command-control systems, to make it much harder for the generals to see what was going on and for the president to respond to threats with force. This phase would not be a simulation; the NSA Red Team would actually penetrate the networks.

 

For the 3½ months between the JCS chairman’s authorization and the actual start of the game, the NSA Red Team prepared the attack, scoping the military’s networks and protocols, figuring out which computers to hack, and how, for maximum effect.

 

http:// www.slate.com/articles/technology/future_tense/2016/03/inside_the_nsa_s_shockingly_successful_simulated_hack_of_the_u_s_military.html