Aardvark

[Bruce Simpson]

This column is archived at: http://aardvark.co.nz/daily/2007/0911.shtml

Are our government computer systems sufficiently resistant to hacks?

If today's reports are to be believed, clearly they're not.

Are you worried that they appear so vulnerable and that "sensitive" and "confidential" data has been stolen, possibly by agents of foreign governments?

Did any of that data include details that could facilitate the ID theft of Kiwi citizens I wonder?

What OSes are being used? Surely they wouldn't trust such a critical role to something as full-of-holes as Microsoft Windows, would they?

What happened to the procedures designed to ensure that such systems remain secure?

And why is "sensitive" or "classified" information being placed on insecure publicly accessible computer systems in the first place?

Is it time for heads to roll perhaps?

[smeenz]

Come on Bruce... can't you see that people don't get fired for installing Microsoft ? It's a safe decision for any IT department, because they have the backing of a huge company behind it. No large public sector IT department is going to install one of those weird geeky operating systems that nobody knows anything about.. they're going to put their eggs in Microsoft's basket because they can get just about anyone to look after it then.

In my experience, the only thing that factors in decisions like these is which option causes the least amount of pain to install. Once the project is over, it's an operational support issue, but the project has been completed, on time, and that's the important thing that gets bonuses paid out.

Managers are simply not interested in the technical details, and the moans from the minority group of unix-heads they may employ. All they want is their Microsoft PDA to synchronise with exchange.

[erentz]

Come on, I've had some experience in quite a few Govt departments and it is nothing to do with what platform you use. Security for a large IT environment is not as simple as "Don't use Microsoft, use BSD and then you'll be automagically secure!" The flaws are in the management of IT security in these place, and well the complete lack of competence. Most Govt. department IT/security teams will rather spend hundreds of thousands of dollars on fancy new technology to protect a single web server, meanwhile they still have a massively soft juicy centre that would take half as much money to apply some basic security to which would increase the security posture of these places manyfold.

Fire (or put in storage) all the deadwood management and break up all the silly little silos and kingdoms they've built up, hire on competent people that are confident in making decisions and engineers that know what they're doing, share them amongst different departments if you're really having trouble finding good ones (seriously why do different departments compete with each other? they all work for the same larger team). Then put on hold all your fancy security projects and just focus for two years on just getting the basics right throughout the entire network before doing anything else. Put in all that internal segmentation at your data centres, etc. Get your procedures and policies actually working.

[smeenz]

[Graeme]

I'm curious why the supposed hackers are openly showing which government they are supposedly working for?

How about an alternative... a clever group of hackers, who specialise in targeting government computers, have compromised government computers in Russia and China, and are using those as 'proxies' to attack other governments' computers...

While I don't 'hack' or 'crack' per se, I do take an interest in computer security, and if my knowledge is .001% of what some clever hacker knows, then why wouldn't they using chained proxies (SOCKS Chain anyone?), and whatever smart ways they've got of covering their tracks?

Or... perhaps on the conspiracy side of things... the proxies that hackers think are hiding their tracks are generally owned by government Security agencies, so it is instantly known where they are really coming from.

Or maybe it is just like the news reports say, and overseas government hackers are operating from overseas government computers... hmmm. I don't know, but my BS indicator goes into 'alert' mode with a claim like this.

Also, I know the government department I work for has things reasonably locked down. The weak link is high up executives with laptops which are probably easily compromised from home when they or their kids download the latest malware ridden P2P program... So you can have the servers locked down, but when a not-so-savvy computer user has their 'own' laptop which is used outside the secure zone it is probably going to be the weakest link.

Cheers,
Graeme

[Peter]

Try a Google news search on: China hack

Seems like either there is a bit of it going on (or there is a bit of accusing going on). Not surprising if there is, it must be a lot simpler and safer than old alternatives.

[Satire]

That story is such a farce it's not funny. basically, its taking a not story (some random website got hacked) and trying to build a story around it - I guess it was a slow day today.

-- the article --

[Bruce Simpson]

By Jove, I think you've nailed it!

[linw]

Great summary, Satire!! Your interpretation hits the mark for me.

[DarrenG]

[mjae]

IMHO, I think some Chinese nationals are dangerous. I have come across websites located in China that show clear evidence of stealing intellectual property. I found one website this evening easily, but I'm not prepared to put the link online. The moderator can ask me for the link if it's important to verify my claim.

You can choose to believe me or not, and if you don't that's fair enough. Obviously I'm not prepared to give more details.

Remember, in communism "everyone" owns everything, and in combination with the Chinese culture which places a huge premium on having money, and lots of it, there is a problem with accessing foreign servers for dishonest or strategic gain.

[patrickc]

We grew up next door to Warren Tucker's family years back, before they moved to a lifestyle block in the Wirewrapper. Though I thought he worked in the GCSB.

This whole story smacks of political game playing. First we get the Americans complaining, then a couple of days later the British and then Aust and NZ.

They've known for years that govt organisations are attempting to break into their networks. We'd be naive to think Western countries are not doing exactly the same thing in reverse.

It smacks of these govt agencies trying to pressure the government for more funding and trying at the same time to get something out of China.

[mjae]

Point taken Patrick.

But the reality is that we have to view whoever "them" are as enemies and therefore both protect and be aware of their activities. The sooner we can precipitate the fall of these regimes through subtle means the better: it not as if you or I support their principles.

[Sophocles]

:
It's so funny.

A web server is penetrated.
And suddenly it's spying, Yeah right!
By rooskies (wasn't that the reason some big guns were planted on Auckland's North Head 130 years ago? ---nothing's changed! ), or Chinese ... (quick: plant more guns on North Head! )

I've been waiting for this for years: our dear, beloved NZ Gov IT department uses the Wonderfully Insecure Needlessly Diffifcult Opaque Working System from top to botton: desktops, servers and all. It's well named: windows all over, looking from the outside in, everywhere at everythng. You thought your files were private? Boy. do I have a bridge to sell you!

Does anyone remember Nandor Tancsos's problems trying to get Linux on his HMNZG laptop a few years ago? Couldn't be done---so said the MSCEs at work in Wellington. Translation: they didn't know how. Nandor did. And he's no geek. Yep: William's Intermittant Non Determinate Operationally Wanting System which Will Invariably Not Do One's Wishes is everywhere down there.

(Note to erentz: when connected to the Internet, it is a lot to do with what platform you use:
[url]
http://news.zdnet.co.uk/software/0,1000000121,39182093,00.htm
[/url]
Spitzner is very carefully tip-toing around the DMCA by not commenting on Windows security. However: given that all Windows machines were penetrated by automatic (!) worms says it all: no thought, no imagination, no intelligence required. As the Metasploit Project says about their Framework kit: "One click and you're in." ---that says it all. )

Satire hits the article for a six,too. Good one. I thoroughly enjoyed that! Yes, it's a farce. But I think it's a funny one! Especially since I've read a lot of the self-serving pompous drivel that tries to justify perpetuating the status quo.... (I had 12 years incarceration in a government computing centre BI (Before Internet). )

... ROTFL ... and ROTFLA and ROTFLAAA ....
Sorry ... it's going to take several weeks/months for me to stop laughing ... ''