[iwar] Historical posting

From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com
Mon, Jan 1, 1999
Messages sorted by: [ date ][ subject ][ author ][ recipient ]
Next message: From: Fred Cohen To: "[iwar] Historical posting"
Previous message: From: Fred Cohen To: "[iwar] Historical posting"
fc  Mon Jan 1, 1999
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700
To: iwar@onelist.com
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe: 
Date: Mon, Jan 1, 1999
From: Fred Cohen 
Reply-To: iwar@egroups.com
Subject: [iwar] Historical posting

          


                Date: Wed, 22 Mar 2000 20:53:29 -0500
   From: cybercrimes@t...
Subject: Hundreds of hacker attacks hit Ottawa

Hundreds of hacker attacks hit Ottawa

JEFF SALLOT and ANDREW MITROVICA
Ottawa and Toronto 
Wednesday, March 15, 2000


The Globe and Mail -- JEFF SALLOT 
in Ottawa 
ANDREW MITROVICA 
in Toronto

Hackers attacked some of Canada's most sensitive military and government
computer systems 531 times in two months last year. 

None of the attacks appears to have been successful. 

Nevertheless, a study confirms Ottawa's worst fears about the
seriousness of the threat to crucial federal systems as hacker tools
become more sophisticated and proliferate. 

Government systems "are being probed, scanned and attacked on a regular
basis," says the study conducted by computer security experts hired by
Ottawa. 

A typical government Internet site "is subject to 10 or more threat
incidents per week.  In some cases, peaks of greater than 40 incidents
were observed for a site during a week," the study continues. 

Most attacks appear to have come from within Canada, but there were also
a high number from Britain and the United States and a handful from 29
other countries, including China and Russia.  The study was commissioned
by the federal government and completed five months ago by Electronic
Warfare Associates Canada Ltd., a cyber security firm.  It was released
to the Reform Party research office under the Access to Information Act. 

Since the study's completion in November, hackers have developed newer
and more sophisticated programs to probe, break into and overwhelm
computer systems, forcing them to crash, say officials with the
Communications Security Establishment.  (The CSE is a top-secret branch
of the Department of National Defence involved in electronic snooping). 

Last month, hackers successfully launched so-called denial-of-service
attacks on several major dot-com commercial systems, temporarily putting
computers out of business at Amazon, eBay and Yahoo, among others. 

Federal officials say the consequences would be far more serious if
hackers are successfully attacking government systems such as those at
the Department of National Defence, CSE itself, Correctional Services,
Transport Canada, Public Works, and the Canadian International
Development Agency, the six entities whose systems were included in the
study. 

There were 34 denial-of-service attacks on the federal computers during
the two-month study, all unsuccessful.  The cyber sleuths also detected
23 failed attempts to break into computers and steal or alter data and
474 surreptitious probes for vulnerabilities of the six systems in the
study. 

"Since November of 1999 [when the study was completed], a lot of things
have moved along and complacency and smugness on the part of people is
wrong," CSE spokesman Kevin Mills said yesterday. 

Although the hackers appear to have been unable to breach firewalls
(basic computer system security) and other security measures protecting
the systems at the six agencies, the study shows "these various
government departments were a target and we can't rest on our laurels,"
Mr.  Mills said. 

In fact, the government is trying to keep up with the hackers and
introduce state-of-the-art protective measures, he added. 

Military and intelligence experts in Canada and the United States have
said for several years that enemy states could try to cripple the
systems of Western nations during an international crisis or crack into
classified data bases. 

However in this study, Mr.  Mills said, there was no evidence that any
of the attacks were from hostile governments, although CSE cannot be
certain. 

The study suggests the threat is wide ranging.  "The results of this
project are simply a snapshot of a portion of the threat environment at
a particular point of time."

The study recommends implementing hacker-detection systems at many more
federal computer networks. 

The study also recommends establishing a central hack-attack reporting
and response office within the federal government. 

Art Hanger, the Reform Party's defence critic, said that the federal
government has been asleep at the switch when it comes to protecting
Canada's computer systems. 

He said that more money is urgently needed to rectify a looming crisis. 

A veteran computer security expert, who requested anonymity, said that
Canada has been slow to respond to the potentially catastrophic threat
to the nation's computer infrastructure posed by hackers acting
individually or sponsored by foreign governments.
Next message: From: Fred Cohen To: "[iwar] Historical posting"
Previous message: From: Fred Cohen To: "[iwar] Historical posting"