Hackers breached Defence Department computers: report on security lapses
July 15, 2004
OTTAWA (CP) - Determined computer hackers broke through federal firewalls several times last year, gaining access to Defence Department networks.
A newly obtained report on security breaches at the department in 2003 also reveals dozens of internal lapses. Computer security has become a high-profile concern in federal circles in light of cyber-terrorism, operations mounted by foreign intelligence services and, more often, the sloppy practices of employees.
The Defence Department's Computer Incident Response Team tracked a total of 160 events - from digital break-ins to dodgy e-mail procedures - last year.
Located in Ottawa at the Canadian Forces network operations centre, the team defends department computers by monitoring intrusion detection systems, zeroing in on threats and issuing alerts.
A declassified version of the team's report was released to The Canadian Press under the Access to Information Act.
It provides an indication of the difficulties faced by federal agencies such as the Defence Department in keeping their sprawling information holdings secure from interlopers.
The Canadian Security Intelligence Service has warned that it is almost impossible to eliminate network vulnerabilities entirely because computer systems and attack tools are in a constant state of evolution.
Other documents released by Defence underscore the high degree of confidentiality attached to such issues. Many of the records are classified top secret, with much of the information withheld from release due to its perceived sensitivity.
The response team's report notes five instances of "unauthorized privileged access" to Defence networks, considered the most serious of seven categories of breaches.
They also logged five cases of "unauthorized limited access" and 35 instances of "malicious logic" - the attempted introduction of viruses, worms or other unwanted programs into a computer system.
There were 110 cases of "poor security practice" on the part of employees, by far the most common problem last year. Of these, the majority involved concerns about the security of e-mail transmissions.
Others stemmed from use of Internet Relay Chat messaging and the popular KaZaa file-sharing service, inappropriate storage of materials, and unauthorized Web postings. Another case involved improper access to a network.
No one from the Defence Department was available Tuesday to discuss the security cases.
Several of the documents released by Defence were prepared by the Communications Security Establishment, the highly secretive federal agency with the dual role of electronic spy service and protector of federal computer systems.
The records indicate CSE focused on issues including the potential exploitation of wireless communication networks, suspicious probes of systems and the general methods employed by hackers.
It appears CSE also undertook an analysis of the so-called Blaster worm that infected computers last August.
© The Canadian Press 2004
CanWest Interactive, a division of
CanWest Global Communications Corp. All rights reserved.
Optimized for browser versions 4.0 and higher.