Posted Friday 16th May 2008 13:02 GMT
If he is truly a security professional then you think that after doing this he would at least get rid of the evidence by destroying the laptop, and dumping in some landfill. Then at least when they found it, it would be inadmissable as evidence as they could not prove that he was the last to use it.
Just waiting for someone to do that to Gordon, and Jacquie
Posted Friday 16th May 2008 13:39 GMT
But it looks like McIntosh got one over on the Windows systems.
Posted Friday 16th May 2008 13:39 GMT
You're waiting for someone to dump Gordon and Jacquie onto a landfill? A little bit harsh I feel but can see where you are coming from...
Posted Friday 16th May 2008 13:39 GMT
The Northern Territory (fortunately there is only one) is the least evolved political entity in Australia, and is a long way from becoming a State.
It is the place where dingos steal babies, beer wears a seat belt, and a regatta is held on a dry river bed.
The fact that they have poor network security is perhaps less surprising than the discovery that they have a network.
Anonymous, because I live in an adjacent State.
Posted Friday 16th May 2008 13:39 GMT
TFA has it slightly confused, but it's clear that he didn't hack his way in, he just logged in using a colleague's credentials of some kind that he had learned while he was employed to work on those systems and had authorised access.
>"The prosecutor alleged he used a colleague's IP -- a "unique numerical code'' -- to access a "virtual private network connection'' with the government system and hacked in."
See, that's nonsense: VPN logins are not tied to the employee's home IP address, since they're generally dynamically provided by the ISP and change frequently; every VPN I've seen you log in with a username and password, and sometimes some form of 2-factor device like a SecurID token. (And please, nobody mention IP spoofing unless you understand enough networking tech to explain to me how you propose to ship L2 ARP packets across the internet backbone).
So the offence is seriously misdescribed (and most likely misunderstood too) by the prosecution, and it seems certain to me he just nicked a workmate's login.
Posted Friday 16th May 2008 13:39 GMT
Has the $Aus plummetted in value or something? Nope, still about 50p per... So how does restoring the user setup off tape cost "hundreds of thousands of dollars", and how long will it take?
Posted Friday 16th May 2008 13:39 GMT
That one of the most damaging attacks should come from a Mac (Intosh).. After all that shouting about how secure they are.
Posted Friday 16th May 2008 14:15 GMT
"<i>The attack will cost "hundreds of thousands of dollars" and require months of work to fix, according to prosecutors</i>"<br><br>
What idiot left it in such a state, assuming we can believe the prosecutor. Like, a court of law is the only place the lawyers don't have to tell the truth.
"McIntosh moved to the Northern Territories from Sydney in February to work as an IT security consultant on government systems"
What did they do to piss him off so. And he can't have been much of a 'security consultant' if he did it from home. First rule of hacking, don't do it from home .. :)
Posted Friday 16th May 2008 15:04 GMT
"took out IT systems at the Northern Territories' Health Department, Royal Darwin Hospital" etc. etc.
So they won't be giving him a Darwin Award then?
Sorry.
Posted Friday 16th May 2008 15:05 GMT
"You're waiting for someone to dump Gordon and Jacquie onto a landfill? A little bit harsh I feel but can see where you are coming from..."
He can't do that - they count as "hazardous waste" and require a special disposable procedure.....
Posted Friday 16th May 2008 18:47 GMT
Reason enough to refuse to have a McIntosh in the office.........
Posted Friday 16th May 2008 18:47 GMT
The low cost of restoring from tape is only available if you have a tape and this being NT... :-)
Posted Friday 16th May 2008 18:47 GMT
In Soviet Russia, Macintosh hacks YOU!!!
It is the first time I see a Mac hacking systems. Was this a PowerPC Mac, or one of the evil Intel ones? ;)
Posted Friday 16th May 2008 23:29 GMT
Sure, restoration of multiple complex systems is going to be a pain... but what they're describing is as if they have to rebuild the lot.
Would be *really* surprised if that's the case. (not impossible, but unlikely)
Posted Friday 16th May 2008 23:29 GMT
So , is this what happens when a Mac tries to work in a Win2K environment many deletions and little work done ?
Posted Saturday 17th May 2008 17:43 GMT
There are lots of questions that the outsourcer are going to have to answer, and here are some of them:
1. is it true that they had moved to a web-based software token system, thus allowing support staff to do away with physical "SecurId" tokens.
2. how was he allowed to have knowledge of how to access the VPN gateway.
3. what was the involvement of the colleague, in letting his credentials loose.
4. is morale so poor that CSG have to employ between from interstate.
I think the answers will be:
1. it seemed like a good idea at the time, and it was cheap.
2. poor security practice.
3. bet there was a bit.
4. it's a crud of a company from what I heard.
Back in the day when I worked for the NT Government, they had very good network security. I think it's all fallen down since local IT company CSG (www.csg.com.au) took on the outsourcing contract.
The impact of what he allegedly did was it stopped government business for a couple of days. Costs will run into the millions by the time it's all added up.
Posted Monday 19th May 2008 04:46 GMT
You don't sack a IT worker for serious breaches of security and not change the access controls do you?
Well if you don't work in Britain that is.
I'd say he's done them a favour, as the system needed cobbing a long time ago, by the sound of it. The cost of repairing a serious crappy set up shouldn't be mentioned in court except in his defence.
It wouldn't surprise me he'd only taken a stand and whistle blowing might well have been the reason he was sacked in the first place.
Always remember that when governments and politics are involved, the little guy is usually the goodie.
Posted Monday 19th May 2008 04:46 GMT
"Has the $Aus plummetted in value or something? Nope, still about 50p per... So how does restoring the user setup off tape cost "hundreds of thousands of dollars", and how long will it take?"
factor in the automatic knee-jerk reaction of senior management. The complete and total re work of security permissions for all support staff to "stop this from occuring again".
Posted Monday 19th May 2008 08:40 GMT
IT: Where popping a tape into a drive will cost you $100,000, and pushing a button to enforce a mass password reset is an extra $150,000.
Back to the article