[ISN] Telco under cyber attack

From: InfoSec News (isnat_private)
Date: Sun Sep 23 2001 - 23:23:12 PDT

  • Next message: InfoSec News: "[ISN] AOL, Yahoo, ICQ Sites Battle Security Holes"

    One of New Zealand's most critical infrastructure companies - but no
    one will say which - has been under attack for months from "cyber
    Cabinet papers obtained by the Weekend Herald set out the background
    for the decision last month to establish a special $1 million-a-year
    unit within the Government Communications Security Bureau to deal with
    cyber attacks.
    The papers say the risks are increasing dramatically and the trend is
    likely to continue.
    Most of the threats from virus writers and hackers lie outside New
    Zealand, and better and faster communications services make this
    country potentially more vulnerable.
    The State Services Commission says one large telecommunications
    company has been under "sustained attack" for several months, but it
    does not identify the company.
    Companies such as the national grid operator Transpower, other
    electricity network companies, banks, oil and gas pipelines, emergency
    services, Government departments and telephone networks are considered
    potential targets of hackers and virus writers.
    Telecom and Clear Communications staff denied this week that their
    companies were the victims of the sustained attack.
    Information technology specialists think Telecom is the more likely
    It is believed to have shut its big international internet link
    Netgate in January after having problems.
    Risks highlighted in reports to the Government include the relocation
    of critical banking facilities overseas, telecommunications links and
    denial-of-service attacks on the internet.
    In a report to State Services Minister Trevor Mallard last December,
    the commission's E-Government Unit said some banks, including the
    Reserve Bank, were moving retailing processing overseas.
    The Reserve Bank planned to move computers handling its "real time
    gross settlement system" to Australia along with the Austraclear
    system, the main means of settling debt securities transactions.
    The system is critical to New Zealand financial markets, with billions
    of dollars flowing through it daily.
    The report said two main risks were posed by the shifts: events in
    Australia, such as industrial action that would be outside New
    Zealand's control, and the possibility of damage to undersea
    transtasman telecommunications circuits.
    Both had the potential to disconnect New Zealand from its banking
    Denial-of-service attacks, where a target computer is flooded with
    requests it cannot meet, were "the most worrying attack type on the
    internet", said the report.
    "This is a volatile area and one which needs up-to-date information
    and a reasonable degree of co-operation to manage."
    The recently completed undersea Southern Cross fibre optic cable,
    which provides computer and telephone users with greater capacity for
    international communications, had increased the potential for
    denial-of-service attacks to cause more damage because a greater
    volume of requests could be sent to a target computer.
    Submarine telecommunications cables between the North and South
    Islands were particularly vulnerable because they were laid on the
    seabed rather than buried.
    A microwave backup existed but did not have sufficient capacity to
    replace the cables.
    On electricity distribution, the report said Transpower took its
    responsibilities to ensure continuity of supply extremely seriously,
    but the increasing reliance on information technology to manage the
    distribution network meant greater central focus was needed.
    The project team that produced the December report said it had been
    unable to gather information about the protection of electricity lines
    companies' infrastructure assets.
    It said there was clearly scope for industry cooperation to increase
    security in those areas.
    The Centre for Critical Infrastructure Protection, being set up within
    the Government Communications Security Bureau with $269,000 of
    equipment, will have annual running costs of $847,000 a year plus GST.
    It will provide a free service to infrastructure owners and Government
    agencies, giving them warnings about viruses, denial-of-service
    attacks and software flaws.
    * james_gardinerat_private
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Mon Sep 24 2001 - 01:58:22 PDT