Eligible Receiver 97
Encyclopedia
Eligible Receiver 97 was a U.S. government exercise conducted under what is known as the No-Notice Interoperability Exercise Program. The exercises were held June 9-13, 1997 and included participants such as the National Security Agency
(which acted as the Red Team
), Central Intelligence Agency
, Defense Intelligence Agency
, Federal Bureau of Investigation
, National Reconnaissance Office
, Defense Information Systems Agency
, Department of State, Department of Justice
, as well as critical civilian infrastructure providers such as power and communication companies.
The NSA Red Team
used hacker
techniques and software that was freely available on the Internet
at that time. The Red Team
was able to crack networks and do things such as deny services; change and manipulate emails to make them appear to come from a legitimate source; disrupt communications between the National Command Authority
, intelligence agencies, and military commands. Common vulnerabilities were exploited which allowed the Red Team
to gain root access to over 36 government networks which allowed them to change/add user accounts and reformat server hard drives.
National Security Agency
Red Team
had no inside information to work with, but by engaging in extensive preliminary electronic reconnaissance
of target agencies and sites prior to the attacks, they were able to inflict considerable simulated damage. Although many aspects of Eligible Receiver remain classified, it is known that the Red Team
was able to infiltrate and take control of U.S. Pacific Command computer systems as well as power grids and 911 systems in nine major U.S. Cities.
National Security Agency
The National Security Agency/Central Security Service is a cryptologic intelligence agency of the United States Department of Defense responsible for the collection and analysis of foreign communications and foreign signals intelligence, as well as protecting U.S...
(which acted as the Red Team
Red Team
A red team is a group of penetration testers that assess the security of an organization, which is often unaware of the existence of the team or the exact assignment. Red teams provide a more realistic picture of the security readiness than exercises, role playing, or announced assessments...
), Central Intelligence Agency
Central Intelligence Agency
The Central Intelligence Agency is a civilian intelligence agency of the United States government. It is an executive agency and reports directly to the Director of National Intelligence, responsible for providing national security intelligence assessment to senior United States policymakers...
, Defense Intelligence Agency
Defense Intelligence Agency
The Defense Intelligence Agency is a member of the Intelligence Community of the United States, and is the central producer and manager of military intelligence for the United States Department of Defense, employing over 16,500 U.S. military and civilian employees worldwide...
, Federal Bureau of Investigation
Federal Bureau of Investigation
The Federal Bureau of Investigation is an agency of the United States Department of Justice that serves as both a federal criminal investigative body and an internal intelligence agency . The FBI has investigative jurisdiction over violations of more than 200 categories of federal crime...
, National Reconnaissance Office
National Reconnaissance Office
The National Reconnaissance Office , located in Chantilly, Virginia, is one of the 16 U.S. intelligence agencies. It designs, builds, and operates the spy satellites of the United States government.-Mission:...
, Defense Information Systems Agency
Defense Information Systems Agency
The Defense Information Systems Agency is a United States Department of Defense agency that provides information technology and communications support to the President, Vice President, Secretary of Defense, the military Services, and the Combatant Commands.As part of the Base Realignment and...
, Department of State, Department of Justice
United States Department of Justice
The United States Department of Justice , is the United States federal executive department responsible for the enforcement of the law and administration of justice, equivalent to the justice or interior ministries of other countries.The Department is led by the Attorney General, who is nominated...
, as well as critical civilian infrastructure providers such as power and communication companies.
The NSA Red Team
Red Team
A red team is a group of penetration testers that assess the security of an organization, which is often unaware of the existence of the team or the exact assignment. Red teams provide a more realistic picture of the security readiness than exercises, role playing, or announced assessments...
used hacker
Hacker (computer security)
In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge...
techniques and software that was freely available on the Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
at that time. The Red Team
Red Team
A red team is a group of penetration testers that assess the security of an organization, which is often unaware of the existence of the team or the exact assignment. Red teams provide a more realistic picture of the security readiness than exercises, role playing, or announced assessments...
was able to crack networks and do things such as deny services; change and manipulate emails to make them appear to come from a legitimate source; disrupt communications between the National Command Authority
National Command Authority
National Command Authority is a term used by the Department of Defense of the United States of America to refer to the ultimate lawful source of military orders. The NCA comprises the President of the United States and the Secretary of Defense jointly, or their duly deputized successors, i.e...
, intelligence agencies, and military commands. Common vulnerabilities were exploited which allowed the Red Team
Red Team
A red team is a group of penetration testers that assess the security of an organization, which is often unaware of the existence of the team or the exact assignment. Red teams provide a more realistic picture of the security readiness than exercises, role playing, or announced assessments...
to gain root access to over 36 government networks which allowed them to change/add user accounts and reformat server hard drives.
National Security Agency
National Security Agency
The National Security Agency/Central Security Service is a cryptologic intelligence agency of the United States Department of Defense responsible for the collection and analysis of foreign communications and foreign signals intelligence, as well as protecting U.S...
Red Team
Red Team
A red team is a group of penetration testers that assess the security of an organization, which is often unaware of the existence of the team or the exact assignment. Red teams provide a more realistic picture of the security readiness than exercises, role playing, or announced assessments...
had no inside information to work with, but by engaging in extensive preliminary electronic reconnaissance
Reconnaissance
Reconnaissance is the military term for exploring beyond the area occupied by friendly forces to gain information about enemy forces or features of the environment....
of target agencies and sites prior to the attacks, they were able to inflict considerable simulated damage. Although many aspects of Eligible Receiver remain classified, it is known that the Red Team
Red Team
A red team is a group of penetration testers that assess the security of an organization, which is often unaware of the existence of the team or the exact assignment. Red teams provide a more realistic picture of the security readiness than exercises, role playing, or announced assessments...
was able to infiltrate and take control of U.S. Pacific Command computer systems as well as power grids and 911 systems in nine major U.S. Cities.
Quote
External links
- Global Security article pertaining to Eligible Receiver 97
- Official statement by John Hamre to the Joint Chiefs of StaffJoint Chiefs of StaffThe Joint Chiefs of Staff is a body of senior uniformed leaders in the United States Department of Defense who advise the Secretary of Defense, the Homeland Security Council, the National Security Council and the President on military matters...
- Summary of Eligible Receiver by Frontline