Telco under cyber attack

[InfoSec News <isn () c4i org>]

http://www.nzherald.co.nz/storydisplay.cfm?storyID=218399&thesection=technology&thesubsection=general

22.09.2001
By JAMES GARDINER 

One of New Zealand's most critical infrastructure companies - but no
one will say which - has been under attack for months from "cyber
terrorists".

Cabinet papers obtained by the Weekend Herald set out the background
for the decision last month to establish a special $1 million-a-year
unit within the Government Communications Security Bureau to deal with
cyber attacks.

The papers say the risks are increasing dramatically and the trend is
likely to continue.

Most of the threats from virus writers and hackers lie outside New
Zealand, and better and faster communications services make this
country potentially more vulnerable.

The State Services Commission says one large telecommunications
company has been under "sustained attack" for several months, but it
does not identify the company.

Companies such as the national grid operator Transpower, other
electricity network companies, banks, oil and gas pipelines, emergency
services, Government departments and telephone networks are considered
potential targets of hackers and virus writers.

Telecom and Clear Communications staff denied this week that their
companies were the victims of the sustained attack.

Information technology specialists think Telecom is the more likely
victim.

It is believed to have shut its big international internet link
Netgate in January after having problems.

Risks highlighted in reports to the Government include the relocation
of critical banking facilities overseas, telecommunications links and
denial-of-service attacks on the internet.

In a report to State Services Minister Trevor Mallard last December,
the commission's E-Government Unit said some banks, including the
Reserve Bank, were moving retailing processing overseas.

The Reserve Bank planned to move computers handling its "real time
gross settlement system" to Australia along with the Austraclear
system, the main means of settling debt securities transactions.

The system is critical to New Zealand financial markets, with billions
of dollars flowing through it daily.

The report said two main risks were posed by the shifts: events in
Australia, such as industrial action that would be outside New
Zealand's control, and the possibility of damage to undersea
transtasman telecommunications circuits.

Both had the potential to disconnect New Zealand from its banking
system.

Denial-of-service attacks, where a target computer is flooded with
requests it cannot meet, were "the most worrying attack type on the
internet", said the report.

"This is a volatile area and one which needs up-to-date information
and a reasonable degree of co-operation to manage."

The recently completed undersea Southern Cross fibre optic cable,
which provides computer and telephone users with greater capacity for
international communications, had increased the potential for
denial-of-service attacks to cause more damage because a greater
volume of requests could be sent to a target computer.

Submarine telecommunications cables between the North and South
Islands were particularly vulnerable because they were laid on the
seabed rather than buried.

A microwave backup existed but did not have sufficient capacity to
replace the cables.

On electricity distribution, the report said Transpower took its
responsibilities to ensure continuity of supply extremely seriously,
but the increasing reliance on information technology to manage the
distribution network meant greater central focus was needed.

The project team that produced the December report said it had been
unable to gather information about the protection of electricity lines
companies' infrastructure assets.

It said there was clearly scope for industry cooperation to increase
security in those areas.

The Centre for Critical Infrastructure Protection, being set up within
the Government Communications Security Bureau with $269,000 of
equipment, will have annual running costs of $847,000 a year plus GST.
It will provide a free service to infrastructure owners and Government
agencies, giving them warnings about viruses, denial-of-service
attacks and software flaws.

* james_gardiner () nzherald co nz




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.