Hackers chase our secrets

[InfoSec News <isn () C4I ORG>]

http://news.com.au/common/story_page/0,4057,1157013%255E421,00.html

[Moderators Note: While it seems that the British and the Americans
can't keep a handle on their laptops, I am just beside myself with the
stories today about the security (or lack thereof) of the Australian
military when it comes to keeping an eye on their networks and worse
yet their computers and laptops. -WK]


By SIMON KEARNEY
03sep00

TOP-SECRET Defence Department computers were attacked by hackers more
than 20 times every day last year.

Documents obtained by The Sunday Telegraph reveal the extent of
outsider interest in accessing Australia's military secrets. "There
are at least 20 readily identifiable unauthorised attempts to access
defence systems through defence's firewalls each day," a department
report said.

"The level of attempted penetration is likely to increase as
sophisticated tools to conduct hacker attacks become widely available
on the Internet.

"This trend will require defence to allocate increasing resources to
protect information systems."

Defence already spends more than $8 million a year just protecting
itself from hackers. Almost $1 million of that is being spent on a
crack team of hacker busters to combat attacks.

In the US, the Pentagon -- which receives about 60 attacks a day --
has called for hobby hackers to quit trying to access its systems
because the volume of attacks can hide real national security threats.

In Australia, defence says most of the hacking attacks are scans of
the defence firewall, which is the first line of defence between the
outside world of the Internet and the internal computers in defence
which contain classified documents.

Eric Halil, a spokesman for leading Internet security firm Auscert,
said hackers scanned sites looking for weaknesses which they could
attack to gain access to the computers inside.

"It's like a burglar casing a house looking for a weakness to use to
break in," he said.

A Defence Department spokesman said while the organisation was
attacked regularly, hardly any hackers were successful. "Our firewall
is pretty impervious," he said.

Meanwhile, defence scientists are becoming hackers themselves.

It is considered crucial to a modern military force that it has a
hacking ability so it can fight a foe at the information level by
causing computers controlling key infrastructure, such as power, to
crash.

Defence Science and Technology Organisation work is classified.

The department spent $1.05 million last year maintaining its firewall,
$1 million on strategy and training, $2 million on security and
anti-virus software, $1.45 million on encryption devices, $1.94
million on research and development, and $800,000 on a security
response team.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".