http://www.boston.com/news/local/new_hampshire/articles/2006/03/29/nh_computer_specialist_says_superiors_ignored_security_warnings/

March 29, 2006

CONCORD, N.H. -- A state computer specialist who was put on leave two days after a security breach was announced says bosses ignored his warnings about more serious weaknesses in New Hampshire's computer network.

Doug Oliver of Tilton, 44, was suspended with pay last month after the announcement of the security breach affecting motor vehicle offices, the state veterans home in Tilton, the Liquor Commission and state liquor stores.

Oliver spoke to the Concord Monitor and New Hampshire Public Radio, saying he wants to clear his name. He said officials underreported the extent of the hacking. And he said they knew as early as last summer that perhaps more than half the state's computer systems were at significant or severe risk of being attacked.

"I'm not looking to do any harm to anybody," Oliver told the Monitor. "I'm just looking to make sure that the debate and the right questions are getting asked, because I'm not convinced the right questions are getting asked."

Rick Bailey, New Hampshire's chief information officer and Oliver's boss, declined to comment on Oliver's allegations, citing personnel issues.

"It's a difficult situation," he said, declining to name the employee who was suspended. "An investigation was ongoing. The FBI and the Department of Justice recommended that this individual not be in the environment while the investigation ran its course, and we followed that direction. Administrative-leave scenarios are not intended to suggest guilt or innocence."

In February 2005, a hacker defaced the state's NH.gov Web site with internet graffiti. In response, Bailey compiled a three-person team, including Oliver, which was directed to act like hackers to test state computer security.

The testing, which concluded last summer, revealed that more than 60 percent of the sampled servers were at risk for "significant to severe" security breaches, Oliver said.

One of the biggest problems the team identified was a failure to upgrade databases to protect them from a worm that caused widespread damage on the internet a few years ago. Microsoft has provided patches to protect against that worm since 2003, Oliver said, but they had not been applied.

"There were events and incidences being reported by this (security tool) that I was seeing multiple network machines being touched by this worm," Oliver told NHPR. "In addition, there were other signatures, other flags or events that this tool was firing at the same time that were strongly indicative of an attack against the network."

Bailey said the security tool Oliver used is good, but not perfect, raising the possibility of false alerts.

No illegal activity was reported as a result of the security breach the state announced, but officials asked people who used credit cards in the previous six months to report any suspicious purchases to the state Consumer Protection Bureau.

State information technology experts became aware of the breach when they spotted software in the system that can allow a hacker to watch transactions, but not to recover earlier records, said Bailey.

Oliver said the program also can be used as a security test, and that he installed it last year during the security checking. It was supposed to have been removed.

Oliver, who has worked for the state since 2002, was a technical support specialist who had written software and performed security checks on computer servers that handle credit card transactions.

He says he was scanning state servers for hacker vulnerability on Feb. 16 when his supervisors asked him to speak with the FBI. Shortly after that interview, he said, he was locked out of his network account and told he was placed on leave. He was not given a specific reason.

"I feel that I'm coming under fire inappropriately," he said. "Perhaps (I'm) being scapegoated or retaliated against because of what I know."

In his last days on the job, he said, his supervisor accused him of "being chicken little, or being disgruntled somehow, and of being overzealous because of a new toy" -- an expensive security device the state had been testing.