From: InfoSec News (alertsinfosecnews.org)
Date: Fri May 16 2008 - 03:06:01 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.news.com.au/technology/story/0,25642,23707457-5014111,00.html

By Phoebe Stewart
News.co.au
May 16, 2008

AN EXPERT hacker allegedly shut down the Northern Territory Government
computer system and deleted thousands of employees' identities, a Darwin
court heard yesterday.

And the court heard the Government could still be at risk of another
cyber attack.

David Anthony McIntosh, 27, allegedly hacked in and shut down several NT
Government databases on May 5, including servers for the Health
Department, Royal Darwin Hospital, Berrimah Prison and Supreme Court
using his laptop at a Palmerston home.

Prosecutor Sergeant Erica Sims told the Darwin Magistrates Court
yesterday the Sydney IT expert allegedly deleted the independent user
accounts of 10,475 NT public servants.

She said many workers had to be "stood down", and experts had been
working "24 hours, seven days a week" to repair the damage.

But Sgt Sims said it could take months to fix, with the repair cost
estimated to run into the "hundreds of thousands of dollars".

She said police contested Mr McIntosh's bail application yesterday, as
there were fears he made copies of passwords and data. If they existed,
the court heard the alleged hacker could possibly access these "anywhere
in the world".

IT security consultant Anthony Ashbury said there was no proof copies
existed "at this stage", but they were examining the logs of a number of
servers.

"We believe it may have occurred," he said.

Sgt Sims told the court police had found a file containing all NT
Government passwords, including those of police, after his laptop and
his colleague's desktop were seized.

The Northern Territory News understands all Territory public servants
have been directed to change their passwords.

"He (Mr McIntosh) has excellent computer knowledge ... he would
understand the impact of his actions," Sgt Sims said.

Dressed casually in jeans and a t-shirt, Mr McIntosh looked anxious when
Chief Magistrate Jenny Blokland refused him bail, citing his "tenuous
ties" to the Territory among her reasons.

The IT expert came to Darwin in February as a service engineer, and was
given "high level clearance" to upgrade and maintain the NT Government's
entire system. Sgt Sims said when he resigned on April 7 his credentials
were deleted.

The prosecutor alleged he used a colleague's IP address . a unique
numerical code . to access a virtual private network connection with the
government system and hacked in.

Lawyer Ian Rowbottam said it was "nonsense" to suggest Mr McIntosh made
copies.

A 10-day hearing has been set for October.

Mr McIntosh is facing charges of property damage over $50,000 and up to
10 years' jail if convicted.

_______________________________________________
Attend Black Hat USA, August 2-7 in Las Vegas,
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]