this post was submitted on 11 Sep 2024
668 points (98.3% liked)

Technology

59174 readers
2961 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

A U.S. Navy chief who wanted the internet so she and other enlisted officers could scroll social media, check sports scores and watch movies while deployed had an unauthorized Starlink satellite dish installed on a warship and lied to her commanding officer to keep it secret, according to investigators.

Internet access is restricted while a ship is underway to maintain bandwidth for military operations and to protect against cybersecurity threats.

The Navy quietly relieved Grisel Marrero, a command senior chief of the littoral combat ship USS Manchester, in August or September 2023, and released information on parts of the investigation this week.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 7 points 1 month ago (1 children)

The degree of incompetence needed for SIGINT/ELINT operations to fail to discover such a transceiver for 6+ months strains credibility.

I'm guessing this is a ruse to convince adversaries that the Navy can't detect Starlink transceivers even when they are aboard their own ships. This is much more likely to be disinformation intended to drive adversaries to use Starlink than it is to be a legitimate failure of intelligence gathering.

[–] [email protected] 1 points 1 month ago (1 children)

strains credibility

Not sure why.
Security professionals are constantly complaining about insiders violating security policies for stupid reasons.
Security publications and declassified documents are full of breaches that took way too long to discover.

The Navy may have great security protocols but it's full of humans that make mistakes. As they say, if you invent a foolproof plan, the universe will invent a better fool.

[–] [email protected] 4 points 1 month ago* (last edited 1 month ago) (1 children)

Ok, so this is a bit different from taping your password to your monitor. Security has a problem with you doing that, but unless they come to your workstation, they have no way of knowing that you do this.

ELINT is kinda like a security camera, but instead of seeing lights, it sees transmitters. You know the frequencies of the communications transmitters on Navy ships, let's say they are analogous to blue lights. You know the frequencies of their radars, let's say they are green. During normal operation, you're expecting to see blue and green "lights" from your ship, and the other ships in your task force.

Starlink does not operate on the same frequencies as comms and radar. The "light" it emits is bright red, kinda like the blinking lights you see on cell towers at night.

So, you're sitting at the security desk, monitoring your camera feeds... And you just don't notice a giant red blinky light, strong enough to be seen from space, on the ship next to you in formation?

You're telling me that this warship never ran any EMCON drills, shutting off all of the "lights" it knows about, and looking to see if any shipboard transmitters remain unsecured?

You're right, I would expect users to bend and break unmonitored security protocols from time to time. I expect them to write down their password. I expect them to share their password, communicating it over insecure networks that aren't monitored by the security department. But operating a Starlink transmitter is basically equivalent to having the Goodyear blimp orbit your office building, projecting your password on its side for everyone to see.

The idea that ELINT operators missed seeing it for this long doesn't seem likely.

[–] [email protected] 1 points 1 month ago (1 children)

Look at what her rank was, she was Chief of Ship. She also lied about what it was and was allowing other enlisted, likely sigint/elint to use the starlink for streaming away from port.

Simple low level fuckery on a naval vessel. The softest part of security are the squishy humans.

[–] [email protected] 1 points 1 month ago* (last edited 1 month ago) (1 children)

Ok, I don't think you read what I wrote.

Everytime you read "Starlink", I want you to think about a flashing anti-collision beacon on a radio tower. Because that is what a Starlink transceivers looks like to every ELINT operator aboard, and on every nearby ship. Imagine a ship with a giant red blinky light on it, because that's what an ELINT technician would be seeing.

She would have had to have recruited every ELINT technician and supervisor aboard every vessel they sailed with to make this happen.

[–] [email protected] 1 points 1 month ago* (last edited 1 month ago)

I upvoted what you wrote and also pointed out that there were 15 other enlisted involved

She could've very easily turned off or shielded the starlink when they went dark for inspection. Also if it's properly aligned and in the comms mast properly oriented it would've been hidden from most cursory sweeps.

There was absolutely a security failure here, but I also don't think that fellow NAVY vessels are as focused on other ships in the fleet when underway in peaceful waters.

https://www.military.com/daily-news/2024/09/06/navy-officer-demoted-after-installing-unauthorized-satellite-dish-warship-access-internet.html