Friday, September 05, 2003

Hey, Buddy, Got a Mainframe I Can Borrow?

Via Slashdot comes this strange tale about the theft of two mainframes:

On the night of Wednesday, August 27, two men dressed as computer technicians and carrying tool bags entered the cargo processing and intelligence centre at Sydney International Airport.

The men, described as being of Pakistani-Indian-Arabic appearance, took a lift to the third floor of the Charles Ulm building in Link Road, next to the customs handling depot and the Qantas Jet Base.

They presented themselves to the security desk as technicians sent by Electronic Data Systems, the outsourced customs computer services provider which regularly sends people to work on computers after normal office hours.

After supplying false names and signatures, they were given access to the top-security mainframe room. They knew the room's location and no directions were needed.

Inside, they spent two hours disconnecting two computers, which they put on trolleys and wheeled out of the room, past the security desk, into the lift and out of the building.

The brazen theft has prompted Australia's top security agencies to conduct emergency damage audits amid fears that terrorists may have gained access to highly sensitive intelligence from the computers.

[............]

The Community and Public Sector Union, which represents customs officers, has asked for guarantees that none of its members is at risk as a result of the theft.

The union expressed fears that the lives of undercover agents could be jeopardised after officers claimed that customs officials were covering up the true extent of the damage. Also at risk, they said, are operations against terrorists and international drug cartels in which customs officers watch the movements of suspects and suspicious cargo in and out of the country.

They stressed that terrorists had the most to gain by stealing the servers. "The servers have no value except the information they contain," an officer said. "They would have personal internal email accounts, probably the passwords for those accounts, and any information harboured within them.

"Customs officers use the accounts to communicate volumes of sensitive operational material and intelligence to each other, including information from other agencies such as AFP and ASIO. This would be at risk."

It takes real cojones to carry out such a theft, I must say. Joking aside though, this strikes me as being a mess-up of the highest order. How is it that, in the worldwide climate of hysteria in which calls for national identity cards and biometric security systems have become commonplace, the very people whose identities would seem most in need of verification are so easily able to get access to sensitive installations? This is an airport we're talking about, after all, and these guys did fit the stereotypical profile of the classic "probable terrorist", yet they were waved right through and given two hours to carry out their activities unmolested. As routine a precaution as calling EDS to verify their identities would have been enough to catch them out, yet nobody bothered to do so.

One can only hope that the Australians at least bothered to use strong encryption on their data, and that they bothered to maintain a strict security policy with regard to password length and complexity; given the carelessness on display here, however, I am doubtful that either condition would have held. The sort of bureaucratic incompetence exemplified by this story is worth keeping in mind the next time some politician suggests national ID cards as the universal panacea for all security problems.