Forwarded from: William Knowles <wk@private> http://mdn.mainichi.co.jp/news/20031216p2a00m0dm004000c.html Mainichi Shimbun Japan December 16, 2003 Hackers could access private data held in the controversial resident registry network with a simple connection, data released by Nagano Prefecture has shown. Tests by the prefecture to infiltrate the system found that access to private information on residents was accessible with local area network (LAN) connections, both from within and outside local body offices. "(The network) is in a dangerous situation in which personal information can be stolen," specialists hired by the prefecture wrote in an evaluation of the access tests. The tests were carried out between September and November this year in the Nagano Prefecture towns of Shimosuwa, Hata and Achi. Attempts to infiltrate the system were made using a computer through three different connections: from outside local body offices with a LAN connection, from within the offices with a LAN connection, and through the Internet. In Shimosuwa, a wireless LAN card available in stores was used from outside government office buildings to successfully gain access to the names of people and other personal data. Infiltration into the Big Brother system was also made in Achi through a LAN connection with the government office buildings, allowing them to control communication servers. Sources familiar with the network said controlling the communication servers would make it possible to access the nationwide server controlled by the Local Authorities Systems Development Center by pretending to be a legitimate user. This would allow hackers to search for and view personal data on residents nationwide. Part of the tests also reportedly showed that it was possible to falsify personal data in the network and send it to servers nationwide. The tests were carried out over a period of 3 1/2 days and were not detected. Attempts made to access the resident register network in Hata through the Internet failed under the security system that was in place. Minister of Public Management, Home Affairs, Posts and Telecommunications Taro Aso countered the Prefecture's claims of weaknesses in the system by saying its essential firewall had not been broken and that other local bodies were not affected. Nagano Prefectural officials said attempts to infiltrate the firewall had not been made because it would break illegal access laws. The Nagano Prefectural Government has been trying to hack into the Big Brother system in an apparent bid to use the results as the basis for justifying its withdrawal from the network. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ---------------------------------------------------------------- C4I.org - Computer Security, & Intelligence - http://www.c4i.org ================================================================ Help C4I.org with a donation: http://www.c4i.org/contribute.html *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Dec 16 2003 - 06:17:22 PST