A former contractor allegedly knocked out government systems and deleted thousands of records in Australia's Northern Territories earlier this month. David Anthony McIntosh, 27, allegedly took out IT systems at the Northern Territories' Health Department, Royal Darwin Hospital, Berrimah Prison and Supreme Court on 5 May, Darwin …
If he is truly a security professional then you think that after doing this he would at least get rid of the evidence by destroying the laptop, and dumping in some landfill. Then at least when they found it, it would be inadmissible as evidence as they could not prove that he was the last to use it.
Just waiting for someone to do that to Gordon, and Jacquie
I'm not a Macfan...
But it looks like McIntosh got one over on the Windows systems.
You're waiting for someone to dump Gordon and Jacquie onto a landfill? A little bit harsh I feel but can see where you are coming from...
The Northern Territory (fortunately there is only one) is the least evolved political entity in Australia, and is a long way from becoming a State.
It is the place where dingos steal babies, beer wears a seat belt, and a regatta is held on a dry river bed.
The fact that they have poor network security is perhaps less surprising than the discovery that they have a network.
Anonymous, because I live in an adjacent State.
Not "hacking", just vandalism...
TFA has it slightly confused, but it's clear that he didn't hack his way in, he just logged in using a colleague's credentials of some kind that he had learned while he was employed to work on those systems and had authorised access.
>"The prosecutor alleged he used a colleague's IP -- a "unique numerical code" -- to access a "virtual private network connection" with the government system and hacked in."
See, that's nonsense: VPN logins are not tied to the employee's home IP address, since they're generally dynamically provided by the ISP and change frequently; every VPN I've seen you log in with a username and password, and sometimes some form of 2-factor device like a SecurID token. (And please, nobody mention IP spoofing unless you understand enough networking tech to explain to me how you propose to ship L2 ARP packets across the internet backbone).
So the offence is seriously misdescribed (and most likely misunderstood too) by the prosecution, and it seems certain to me he just nicked a workmate's login.
Has the $Aus plummeted in value or something? Nope, still about 50p per... So how does restoring the user setup off tape cost "hundreds of thousands of dollars", and how long will it take?
That one of the most damaging attacks should come from a Mac (Intosh).. After all that shouting about how secure they are.
first rule of hacking ..
"The attack will cost "hundreds of thousands of dollars" and require months of work to fix, according to prosecutors"
What idiot left it in such a state, assuming we can believe the prosecutor. Like, a court of law is the only place the lawyers don't have to tell the truth.
"McIntosh moved to the Northern Territories from Sydney in February to work as an IT security consultant on government systems"
What did they do to piss him off so. And he can't have been much of a 'security consultant' if he did it from home. First rule of hacking, don't do it from home .. :)
"took out IT systems at the Northern Territories' Health Department, Royal Darwin Hospital" etc. etc.
So they won't be giving him a Darwin Award then?
"You're waiting for someone to dump Gordon and Jacquie onto a landfill? A little bit harsh I feel but can see where you are coming from..."
He can't do that - they count as "hazardous waste" and require a special disposable procedure.....
Reason enough to refuse to have a McIntosh in the office.........
The low cost of restoring from tape is only available if you have a tape and this being NT... :-)
Oh, I think I get it...
In Soviet Russia, Macintosh hacks YOU!!!
It is the first time I see a Mac hacking systems. Was this a PowerPC Mac, or one of the evil Intel ones? ;)
Sure, restoration of multiple complex systems is going to be a pain... but what they're describing is as if they have to rebuild the lot.
Would be *really* surprised if that's the case. (not impossible, but unlikely)
So, is this what happens when a Mac tries to work in a Win2K environment: many deletions and little work done?
There are lots of questions that the outsourcer are going to have to answer, and here are some of them:
1. is it true that they had moved to a web-based software token system, thus allowing support staff to do away with physical "SecurId" tokens.
2. how was he allowed to have knowledge of how to access the VPN gateway.
3. what was the involvement of the colleague, in letting his credentials loose.
4. is morale so poor that CSG have to employ between from interstate.
I think the answers will be:
1. it seemed like a good idea at the time, and it was cheap.
2. poor security practice.
3. bet there was a bit.
4. it's a crud of a company from what I heard.
Back in the day when I worked for the NT Government, they had very good network security. I think it's all fallen down since local IT company CSG (www.csg.com.au) took on the outsourcing contract.
The impact of what he allegedly did was it stopped government business for a couple of days. Costs will run into the millions by the time it's all added up.
You don't sack an IT worker for serious breaches of security and not change the access controls do you?
Well if you don't work in Britain that is.
I'd say he's done them a favour, as the system needed cobbing a long time ago, by the sound of it. The cost of repairing a serious crappy set up shouldn't be mentioned in court except in his defence.
It wouldn't surprise me he'd only taken a stand and whistle blowing might well have been the reason he was sacked in the first place.
Always remember that when governments and politics are involved, the little guy is usually the goodie.
"Has the $Aus plummeted in value or something? Nope, still about 50p per... So how does restoring the user setup off tape cost "hundreds of thousands of dollars", and how long will it take?"
Factor in the automatic knee-jerk reaction of senior management. The complete and total rework of security permissions for all support staff to "stop this from occurring again".
A dingo took my network!
IT: Where popping a tape into a drive will cost you $100,000, and pushing a button to enforce a mass password reset is an extra $150,000.