[ISN] The brazen airport computer theft that has Australia's anti-terror fighters up in arms

From: InfoSec News (isnat_private)
Date: Fri Sep 05 2003 - 00:20:30 PDT

  • Next message: InfoSec News: "[ISN] Microsoft Patches Five Security Flaws"

    Forwarded from: Christian Wright <cwat_private>
    By Philip Cornford
    September 5, 2003
    On the night of Wednesday, August 27, two men dressed as computer
    technicians and carrying tool bags entered the cargo processing and
    intelligence centre at Sydney International Airport.
    The men, described as being of Pakistani-Indian-Arabic appearance,
    took a lift to the third floor of the Charles Ulm building in Link
    Road, next to the customs handling depot and the Qantas Jet Base.
    They presented themselves to the security desk as technicians sent by
    Electronic Data Systems, the outsourced customs computer services
    provider which regularly sends people to work on computers after
    normal office hours.
    After supplying false names and signatures, they were given access to
    the top-security mainframe room. They knew the room's location and no
    directions were needed.
    Inside, they spent two hours disconnecting two computers, which they
    put on trolleys and wheeled out of the room, past the security desk,
    into the lift and out of the building.
    The brazen theft has prompted Australia's top security agencies to
    conduct emergency damage audits amid fears that terrorists may have
    gained access to highly sensitive intelligence from the computers.
    The Australian Federal Police and ASIO, the two chief guardians
    against terrorism, fired off angry memos to customs officials,
    demanding to know the extent to which their top-secret operations have
    been compromised.
    The Australian Customs Service has admitted the security blunder, but
    told customs officers in an email that no sensitive operational
    information was lost.
    This brought angry rebuttals from customs officers who claimed that
    the two mainframe servers held thousands of confidential files,
    including top-secret communications between customs investigators and
    the AFP and ASIO.
    They point to the fact that all officers have been instructed to
    change passwords which give them access to the system, but a spokesman
    for the Customs Minister, Chris Ellison, said this was a
    "precautionary measure".
    The theft is being investigated by the AFP, which is conducting 65
    counter-terrorist operations against nationalist groups in Australia
    and international terrorist groups such as al-Qaeda and Jemaah
    Customs officers believe the thieves had inside information because
    they knew how to bypass security, how to identify themselves and where
    to go, plus the fact that the mainframe room was regularly entered
    after hours for maintenance.
    The Community and Public Sector Union, which represents customs
    officers, has asked for guarantees that none of its members is at risk
    as a result of the theft.
    The union expressed fears thatthe lives of undercover agents could be
    jeopardised after officers claimed that customs officials were
    covering up the true extent of the damage. Also at risk, they said,
    are operations against terrorists and international drug cartels in
    which customs officers watch the movements of suspects and suspicious
    cargo in and out of the country.
    They stressed that terrorists had the most to gain by stealing the
    servers. "The servers have no value except the information they
    contain," an officer said. "They would have personal internal email
    accounts, probably the passwords for those accounts, and any
    information harboured within them.
    "Customs officers use the accounts to communicate volumes of sensitive
    operational material and intelligence to each other, including
    information from other agencies such as AFP and ASIO. This would be at
    The spokesman for Senator Ellison said: "Extensive testing of the
    system is being carried out to determine whether it has been
    compromised by the theft. No evidence has emerged to indicate that
    there has been any intrusion. Customs has been advised that the
    servers did not contain personal, business-related or national
    security information.
    "Nevertheless, arrangements were made to change all staff passwords as
    a precautionary measure. All staff have been asked to report any
    irregularities in their access arrangements to the system. As the
    matter is subject to an ongoing investigation, it is inappropriate to
    comment further. Although there is no evidence of an intrusion,
    Senator Ellison has called for a full report."
    A spokeswoman for the Attorney-General, Daryl Williams, who is
    responsible for ASIO, said: "This is an issue for customs. It is not a
    national security issue."
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Fri Sep 05 2003 - 03:12:25 PDT