[ISN] DND's new threat: disgruntled bureaucrats

InfoSec News isn at c4i.org
Tue May 31 03:05:39 EDT 2005

Forwarded from: William Knowles <wk at c4i.org>


David Pugliese 
The Ottawa Citizen 
May 29, 2005

Step aside terrorists, teenage computer hackers and members of the 
Chinese military.

Once thought of as being the most likely perpetrators in any cyber 
attack on military computer networks, they have now been replaced by 
an even more nefarious threat -- disgruntled Ottawa public servants.

A war game scenario put together by the Department of National Defence 
details how federal workers, during a tense and lengthy labour 
dispute, try to bring down the military's main computer system. In the 
scenario, the attack comes from inside National Defence headquarters 
on Colonel By Drive, perpetrated by a civilian employee who embeds a 
virtually undetectable malicious computer code to disrupt operations.

The exercise, dubbed "Scenario 10 -- Defence of North America Cyber 
Attack Variant," argues that it is entirely plausible that a smaller, 
deliberate attack by a Defence Department employee, such as corrupting 
data through various means, might take place during labour 
negotiations. "However, in a prolonged and vexed strike (like in the 
one featured in this scenario), a more serious attack (for instance, 
data contamination by a knowledgeable employee as illustrated in this 
scenario) could be expected," Scenario 10 states.

The document was obtained by the Citizen through the Access to 
Information law.

Defence analysts, as well as military and civilian intelligence 
reports, tend to focus on terrorists, foreign countries, in particular 
China, or hackers with no cause except to create chaos, as the usual 
potential perpetrators of a large-scale disruptive cyber attack.

Scenario 10 does briefly mention that other nations, terrorists and 
hackers out to create problems are all potential culprits.

Scenario 10 does not, however, detail why the threat from disgruntled 
public servants was elaborated on and turned into a threat scenario.

"It is also possible that an employee who has been influenced by an 
outside agency or a hostile country or organization might propagate an 
internal attack," the documents add. A more serious threat, although 
less likely, would be if a civilian employee gained access to the 
department's classified computer networks, according to the records.

The Defence department could not respond to a Citizen request for 

Defence union chief John MacLennan said he was aware of the Scenario 
10 report, but he described the events contained in the documents as 
unlikely to happen. Mr. MacLennan said it is doubtful that a labour 
organization would do such a thing, although he conceded there could 
be disgruntled employees either in or out of uniform. "You've got 
irate military (personnel) in there too," said Mr. MacLennan, national 
president of the Union of National Defence Employees.

Mr. MacLennan noted that, in terms of security issues, his 
organization supports the department, adding that after the Sept. 11, 
2001 attacks on the U.S., his union, then involved in a labour 
dispute, pulled down its pickets around military bases within 20 

The Professional Institute of the Public Service, which represents 
some of the department's scientific and technical employees, declined 
to comment on Scenario 10.

In the past, Defence department computers have had their share of 
hacker attempts. In 2003, hackers were able to gain access to military 
computers on at least 10 occasions.

In other cases, Defence department employees were being targeted by 
suspicious e-mails designed to plant viruses and other malicious codes 
inside military computers. At least one computer was compromised by 
such a mystery e-mail in 2003.

In 1999, it took a 17-year-old high school student in the U.S. just 10 
minutes to breach the Defence Department's computer system. "The DND 
site was an easy target," Russell Sanford told the Citizen in 2002. 
"It was pretty weak."

Mr. Sanford said he went in and out of the military computer network 
over a period of three days. When the Citizen story emerged, Defence 
officials acknowledged the breach, but claimed the teenager was only 
able to infiltrate the department's Internet website, which did not 
contain any classified information. But the teen claimed that he had 
hacked into one of the department's secure computers via its public 

While he did not access or intercept any classified data, Mr. Sanford 
said he could have done so if he had wanted to. Instead, he left tips 
on the website on how the military could improve its computer 

© The Ottawa Citizen 2005

"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
C4I.org - Computer Security, & Intelligence - http://www.c4i.org

More information about the ISN mailing list