Maritime Computer Emergency Response Team ADMIRAL dataset

Publicly disclosed information for this event

Index Number: 1998_001
Title: Denial of Service attack on IT systems.
Day: 2
Month: March
Year: 1998
Country: United States
Activity: Defence
Incident Type: Denial of Service

Summary

The US Navy, with computers stationed at locations including Point Loma, California; Charleston, South Carolina; and Norfolk, Virginia, was reportedly affected by a widespread cyberattack targeting systems running the Microsoft Windows NT and Windows 95 operating systems. This "denial of service" event was part of a larger assault that impacted numerous entities throughout the US.

Computers potentially experienced system crashes between 8:30 and 10 p.m. on Monday, March 2nd. These crashes might have manifested as either error messages or blank screens. Multiple users could have interpreted these interruptions as standard system hiccups or potential power glitches. The alleged attack, described as a variant of the "teardrop" technique, involved sending distorted data packets to targeted machines. Trying to decipher these misleading packets, the computers might have been led to use up excessive memory, ultimately causing system failures. This modified version of the attack seemed to facilitate targeting a vast array of computers simultaneously.

While the exact fallout from the attack on the Navy's operations at the aforementioned locations remains speculative, the cyber incident could have presented significant disruptions. The events were likely seen in a serious light, potentially wasting precious time and hampering Navy personnel in their tasks.

Victim

US Navy

Claimed/Reported Threat Actor

N/A

Origin

Undisclosed

Main impact

Availability

References

Recommendations to Defence to reduce Denial of Service risks:

  • Implement rate limiting and traffic filtering to mitigate the impact of incoming malicious traffic.
  • Check with your IT service provider that the resilience of its systems against such attacks has been tested.
  • Regularly monitor network traffic and set up alerting for unusual patterns or spikes.
  • Diversify your server locations and use fail-over systems to ensure service availability in case of an attack.
  • Establish an incident response plan to quickly mitigate and recover from DoS attacks.
Disclaimer: the data are provided as is. France Cyber Maritime and the M-CERT take no responsibility for the soundness, quality, precision, nor the eventual attribution made by the referenced URLs. We give a lot of respect and support to the victims of attacks.
Files generated on Monday, 11th December 2023.
ADMIRAL is licensed under the Creative Commons CC-BY-NC license. Copyright © France Cyber Maritime 2023.