[The article in the paper identified a number of "vital points" in the
infrastructure. From the nature of them I think the journalist was
confused about whether people would break into them electronically, or
were going to blow them up! - Clem]
Forwarded From: "Colman, Clem" <Clem.Colman@dva.gov.au>
>From "The Canberra Times" 15/10/98
Inaction exposes us to techno terrorism
By LINCOLN WRIGHT
Top security analysts have warned that the Government has failed to act on
a secret report which concludes that much of Australia's communications,
electricity, gas and other infrastructure is vulnerable to information
warfare.
Prepared by Ian Dudgeon of the top-secret Defence Signals Directorate, the
report, completed last year, concluded that skilled computer hackers could
target critical software underlying Australia's infrastructure, and
recommended that a national body should deal with the issue.
A special inter-departmental committee was even set up in the
Attorney-General's Department last November to report to a Secretaries
Committee on National Security, but so far no action has been taken.
The security of infrastructure has been highlighted recently by the
enormous social impact of the accidental gas explosion at Esso's Longford
plant in Victoria and the growing use of sophisticated information
technology.
An Australian Army expert told a seminar at the Australian Defence Force
Academy yesterday that the Department of Defence had already sought to
replicate a United States experiment in which computer hackers proved it
possible to disrupt vital infrastructure.
The US experiment, a war game called Eligible Receiver, was conducted by
specialists from the US National Security Agency, who used readily
available software to hypothetically 'disable' the US electric-power grid
and the US Pacific Command.
A defence analyst and fellow of the Parliamentary Library, Dr Adam Cobb,
has also caused a few ructions in the defence establishment by publishing
an in-depth analysis of the vulnerabilities of Australia's infrastructure.
Dr Cobb says little or nothing has been done to remedy the situation at
the government level, and there needs to be more debate.
The Dudgeon report on the National Information Infrastructure identifies
threats coming from malicious and non-malicious hackers, disgruntled
employees, organised crime, terrorists and foreign states.
'The actual and potential threat posed by these persons is growing,' the
report said. 'There is less resilience overall to sophisticated attacks
against software or information. The major vulnerability is unauthorised
access by malicious hackers, particularly via Internet or other external
connectivity.'
The report warned, 'Terrorists will increasingly focus on [infrastructure]
as a target for attaining or promoting their aims.'
Mr Dudgeon, now a security consultant, said this week the bureaucracy was
making headway with the problem of infrastructure security, and that
private-sector companies were being consulted.
The Government had accepted the recommendations of his report.
However, industry was very upset with him for putting details of its
infrastructure base on the Internet.
In a May 1998 paper, the chairman of the interdepartmental committee,
Peter Ford, said that it was still undecided whether to establish a
government agency, a joint public-private body, or just leave it to the
private sector.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Wed Oct 14 20:41:15 1998