[ISN] Hackers target state's computer network

From: InfoSec News (isn@private)
Date: Fri Feb 11 2005 - 00:39:05 PST


http://www.adn.com/front/story/6140359p-6022520c.html

By SEAN COCKERHAM
Anchorage Daily News 
February 10th, 2005 

JUNEAU -- The FBI is looking into a recent rash of cyberattacks that
hit the state's computer network.

"We are aware of it and it is a pending investigation so there is
really very little I can say about it," FBI spokesman Eric Gonzalez
said.

Rep. Pete Kott, R-Eagle River, said a federal task force came to
Alaska as part of the investigation. Kott said he believes the CIA and
the Department of Homeland Security are also involved.

Kott said he was briefed on the situation by state officials.

"Anytime you've got the feds up in Alaska it's got to be a serious
issue," Kott said. "The White House has been briefed on this."

He said the federal team came to Anchorage about two weeks ago and
took piles of data back to Washington, D.C., to analyze.

Kott said the January attacks appear to have originated in Brazil,
although hackers can disguise where their attacks are coming from. He
said he was told there was a security breach, but it was unclear how
widespread it was or which agencies were involved.

"I don't think we were the only state affected," said Kott, who led
the Legislature's Information Technology subcommittee last year.

The Alaska Department of Administration, which oversees the state
computer network, refused to answer questions about the investigation.

"We have no response, no comment," department spokesman Joe Holbert
said.

Kott said the department was slow in letting the Legislature know
about the problem. He said his office got wind of it and had to call
state officials and ask what was going on.

"They were shocked that we even knew about it," Kott said Wednesday.

Stan Herrera, the state's director of enterprise technology services,
said Tuesday that he was unaware of an FBI investigation.

Herrera told the Daily News in late January that the state was looking
into increased activity of cyberattacks on the state network that
month. He described it as "denial of service" attacks that made
computers unresponsive. He said he could provide no estimate on the
breadth of the attack because it was still being analyzed. But he said
there was no indication sensitive material was stolen from state
computers.

The state's computer network contains credit card numbers and other
personal information that could be used for identity theft. Kott said
there could also be "widespread havoc" if a hacker were to penetrate
the Permanent Fund dividend division.

The division director, Sharon Barton, said in an interview that there
was no evidence of that. The Alaska Permanent Fund Corp., which
handles the billions of dollars in fund investments, is not on the
state network and officials said it was not breached. Fund technology
director Marshal Kendziorek said he checked the logs closely when the
state network was attacked.

"We are extremely security conscious here, much more so than other
places," Kendziorek said. "We've seen no intrusions."

For the past decade, Kott said, officials have likely not given enough
attention to beefing up the security of the state computer network.

Kott said the Murkowski administration has moved, though, to review
the system and to "basically come up with a better mousetrap."

He said it's not a high priority among members of the Legislature.

"Nobody understands computers. They know how to turn them on, turn
them off, and to get onto the Internet," Kott said.

Kott said planned security upgrades were speeded up after the January
cyberattacks, although more will likely be needed.

He said he expects the investigators to make recommendations.

"If it's sizable, multimillion dollar upgrades, which I'm guessing
it's going to be, then we have to take a serious look at it," Kott
said. "I don't think we have any choice but to take care of the
problem."




_________________________________________
Bellua Cyber Security Asia 2005 -
http://www.bellua.com/bcs2005



This archive was generated by hypermail 2.1.3 : Fri Feb 11 2005 - 03:17:52 PST