Articles > Computing Canada > August 27, 1999 > Article > Print friendly

Hackers a growing threat to security, CSIS warns - Canadian Security Intelligence Service study on the threat of computer hackers - Government Activity

Martin Stone

The Canadian Security Intelligence Service (CSIS), Canada'a central security agency, has issued a warning against global terrorism, citing hackers and crackers who penetrate secure computer systems as a growing threat.

In a background paper released last week, CSIS admits that crackers entered their Web site in 1996 and altered their logo by changing the word "Intelligence" to "Illegal." In this first public disclosure of the incident, the agency says the damage was quickly discovered and corrected, but the event serves as an example of how cyber-savvy terrorists may be able to tamper with mission-critical systems.

The paper gives a brief outline of terrorist activities of the past and suggests that insurgents could severely cripple societies and even start wars by invading and taking control of the critical computer components.

The CSIS site was cracked within days of its having gone live, but the agency says there is no evidence that any sensitive files were entered.

CSIS spokesman Dan Lambert says the site is in the public domain and is in no way connected to other CSIS computer systems. The server is not even located on the CSIS premises, but housed at Canada's Department of Public Works, he adds.

He says the Web sites of several other federal government departments were also invaded at about the same time. Since then, there have been several instances of federal and provincial government Web sites being cracked, but no serious outages or security breaches have occurred.

The study warns that as modern civilizations become more dependent on computers and connectivity, future wars could be fought in cyberspace.

Canada is known to be particularly vulnerable due to a heavy reliance on advanced technologies.

The backgrounder says: "If teenagers can compromise networks using basic skills and tools available on the Internet, the concern is what can be accomplished by terrorist groups or states with far greater resources and motivation."

The paper also states: "Terrorist methods continue to become more sophisticated, both in terms of technology and the exploitation of public opinion and media channels. Globally mobile and knowledgeable about communications, explosives technology and computers, they have contacts around the world. Their activities and targets are difficult to predict. The use of technology, always part of the terrorist arsenal, has been augmented by encryption and the Internet to facilitate communication and reach a wider audience.

"In addition, the growing dependence of states on computer-based communication and technologies is leading to a world in which future conflicts could involve activities in cyberspace and attacks on a state's information infrastructure, now commonly referred to as information operations. As one of the world's most advanced states in its reliance on information technologies, Canada is concerned about its vulnerability to this threat.

"We are already seeing indicators of the changing threat environment in this area. One of the IRA Websites openly discusses ways it could use information operations to attack British interests.

"In the summer of 1997, a group linked to the Liberation Tigers of Tamil Eelam claimed responsibility for an attack on the e-mail systems of the Sri Lankan Embassy in Washington and its Mission in New York.

"If a Web site is successfully hacked into, data on the site can be manipulated. As an example, the CSIS Web site was hacked into and a few words changed on the home page. On the World Wide Web, distance is not a factor. Canada's geographic location and the world's longest undefended physical border provide no natural protection against these kinds of attacks. We are as vulnerable as any other country and have more assets at risk than most."

Analysts suspect that cyber-terrorist attacks will become more frequent as groups grow more sophisticated in the use of technology.

The full text of the backgrounder can be found at www.csis-scrs.gc.ca

COPYRIGHT 1999 Plesman Publications
COPYRIGHT 2000 Gale Group