[ISN] DND's new threat: disgruntled bureaucrats
InfoSec News
isn at c4i.org
Tue May 31 03:05:39 EDT 2005
Forwarded from: William Knowles <wk at c4i.org>
http://www.canada.com/ottawa/ottawacitizen/news/story.html?id=60aaa14a-2a5f-47e1-9a8d-3fbb919529cc
David Pugliese
The Ottawa Citizen
May 29, 2005
Step aside terrorists, teenage computer hackers and members of the
Chinese military.
Once thought of as being the most likely perpetrators in any cyber
attack on military computer networks, they have now been replaced by
an even more nefarious threat -- disgruntled Ottawa public servants.
A war game scenario put together by the Department of National Defence
details how federal workers, during a tense and lengthy labour
dispute, try to bring down the military's main computer system. In the
scenario, the attack comes from inside National Defence headquarters
on Colonel By Drive, perpetrated by a civilian employee who embeds a
virtually undetectable malicious computer code to disrupt operations.
The exercise, dubbed "Scenario 10 -- Defence of North America Cyber
Attack Variant," argues that it is entirely plausible that a smaller,
deliberate attack by a Defence Department employee, such as corrupting
data through various means, might take place during labour
negotiations. "However, in a prolonged and vexed strike (like in the
one featured in this scenario), a more serious attack (for instance,
data contamination by a knowledgeable employee as illustrated in this
scenario) could be expected," Scenario 10 states.
The document was obtained by the Citizen through the Access to
Information law.
Defence analysts, as well as military and civilian intelligence
reports, tend to focus on terrorists, foreign countries, in particular
China, or hackers with no cause except to create chaos, as the usual
potential perpetrators of a large-scale disruptive cyber attack.
Scenario 10 does briefly mention that other nations, terrorists and
hackers out to create problems are all potential culprits.
Scenario 10 does not, however, detail why the threat from disgruntled
public servants was elaborated on and turned into a threat scenario.
"It is also possible that an employee who has been influenced by an
outside agency or a hostile country or organization might propagate an
internal attack," the documents add. A more serious threat, although
less likely, would be if a civilian employee gained access to the
department's classified computer networks, according to the records.
The Defence department could not respond to a Citizen request for
comment.
Defence union chief John MacLennan said he was aware of the Scenario
10 report, but he described the events contained in the documents as
unlikely to happen. Mr. MacLennan said it is doubtful that a labour
organization would do such a thing, although he conceded there could
be disgruntled employees either in or out of uniform. "You've got
irate military (personnel) in there too," said Mr. MacLennan, national
president of the Union of National Defence Employees.
Mr. MacLennan noted that, in terms of security issues, his
organization supports the department, adding that after the Sept. 11,
2001 attacks on the U.S., his union, then involved in a labour
dispute, pulled down its pickets around military bases within 20
minutes.
The Professional Institute of the Public Service, which represents
some of the department's scientific and technical employees, declined
to comment on Scenario 10.
In the past, Defence department computers have had their share of
hacker attempts. In 2003, hackers were able to gain access to military
computers on at least 10 occasions.
In other cases, Defence department employees were being targeted by
suspicious e-mails designed to plant viruses and other malicious codes
inside military computers. At least one computer was compromised by
such a mystery e-mail in 2003.
In 1999, it took a 17-year-old high school student in the U.S. just 10
minutes to breach the Defence Department's computer system. "The DND
site was an easy target," Russell Sanford told the Citizen in 2002.
"It was pretty weak."
Mr. Sanford said he went in and out of the military computer network
over a period of three days. When the Citizen story emerged, Defence
officials acknowledged the breach, but claimed the teenager was only
able to infiltrate the department's Internet website, which did not
contain any classified information. But the teen claimed that he had
hacked into one of the department's secure computers via its public
website.
While he did not access or intercept any classified data, Mr. Sanford
said he could have done so if he had wanted to. Instead, he left tips
on the website on how the military could improve its computer
security.
© The Ottawa Citizen 2005
*==============================================================*
"Communications without intelligence is noise; Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*
More information about the ISN
mailing list