SF cyber attack a wake up call for Canadian IT managers

A disgruntled network administrator who locked up the multi-million dollar computer system for the city of San Francisco is now behind bars. But Canadian tech experts warn a cyber terrorist could do the same thing this side of the border if we don't take precautions.
7/17/2008 5:00:00 AM By: Nestor E. Arellano

A cyber attack that virtually hijacked the controls of more than 60 per cent of San Francisco's municipal network should serve as a wake up call for IT managers in Canadian government jurisdictions, say technology experts.

San Francisco courts are scheduled to arraign, Terry Childs, 43, a network administrator with the city's Department of Telecommunications Services.

He was arrested Sunday for allegedly changing passwords to San Francisco's computer system and effectively "locking up" the city's multi-million dollar fibre WAN (wide area network) system that handles sensitive data, critical IT operations, and much of the municipality's network traffic.

As of press time, authorities still do not have the access codes that Childs created for himself.

"We continue to monitor the system to make sure we do maintain integrity of the network," said Ron Vinson, chief administrative officer for San Francisco's IT services department. Although Childs is in jail, officials fear he may have a device that could enable another person to access the system by telephone of some other remote gadget.

Meanwhile, Canadian technology analysts say the incident that has unnerved San Francisco authorities could happen in any Canadian city.

"This sort of thing can happen anywhere," said Carmi Levy, research analyst and senior vice-president at AR Communications Inc., based in Toronto.

"Anytime you have a single person solely accountable for access to a given system and that person is not subject to routine oversight, you are vulnerable."

His views are echoed by James Quin, a senior research analyst with Info-Tech Research Group in London, Ont.

Quin says he is not aware of a similar incident occurring in Canada, but added "in all likelihood something like this may have occurred many times in Canada – as it has in other places – but was never reported".

The impact of such an attack, he says, could range from minor inconveniences such as a certain number of users being restricted in the performance of their tasks, to a catastrophic lock out of all city operations.

"It all depends on the processes the locked-out government has chosen to computerize".

And the fallout of such a disaster on public sector operations could be serious, Quin noted.

He said possible scenarios might include:

A spate of mistrials in city courts as judicial proceedings have to be suspended
Delays in city services and maintenance work
A hold up in businesses transactions, such as the processing of land transfer certificates or business licenses

share: