U.S. Coast Guard beefs up security after hack
July 22, 1998
by Laura DiDio
(IDG) -- In the wake of a hacking incident last year that sank a key personnel database and cost $40,000 to recover lost data, the U.S. Coast Guard has intensified efforts to shore up network security.
The Coast Guard's multipronged initiative included shutting down illicit back doors the hacker used to access both the intranet and the database. The service also rebuilt the database and eliminated remote dial-in access.
Those and other security initiatives came in response to the worst network hack by an outsider in the Coast Guard's history, according to Dave Swatloski, the agency's chief of information resources management. In March, Shakuntla Devi Singla, 43, of Fairfax Station, Va., pleaded guilty in U.S. District Court in Washington to accessing a federal computer without authorization and intentionally causing damage when she hacked into the Coast Guard's Oracle Corp. personnel database last July.
Singla is a former Coast Guard employee who helped build the database she eventually hacked. According to court documents and Singla herself, she hacked the network because she was frustrated that the Coast Guard wasn't responsive to her complaints of improper conduct by an agency contractor.
Reached at home, Singla said, "I wanted to get even with them. I was frustrated and depressed because no one listened to my complaints of sexual harassment in the workplace. I did delete information, but I did not crash the system." She said that in hindsight, she regrets the incident and knows it was illegal.
On July 8, 1997, about eight people -- including Singla -- were logged on to the agency's intranet when the database server crashed. It took 115 Coast Guard employees more than 1,800 hours to restore the lost data -- mainly because of a faulty tape backup system, Swatloski said. "Had the tape backup not been bad, we would have only suffered 36 hours of downtime," Swatloski said.
Singla was able to dial in to the network unimpeded by using the password of an unsuspecting end user, who had given it to her before Singla left the job. The faulty backup system did the rest.
"It's been a hard lesson learned," said Jerry Heinl, chief of systems security at the Coast Guard's Headquarters Support Command. "We are now especially emphasizing the importance of not sharing passwords."
That is crucial because the Coast Guard is migrating to an all-Windows NT network. "In NT, no one needs to know a user's password except the individual user," Heinl said. The Coast Guard had been running the proprietary Convergent Technologies operating system, which let administrators such as Singla know users' passwords.
To compensate for the fact that Windows NT is an open, standards-based operating system, the Coast Guard devised a layered approach to safeguard the NT servers. "We control all access points to the network. That means secure authentication to dial in to the network and firewalls around all the Internet servers," Heinl said.
The Coast Guard has always conducted background checks on security and systems administrators and outside contract workers, and Heinl said that policy will remain in place. To heighten security awareness among end users, all new hires must watch a video that outlines good security practices such as not sharing passwords. Additionally, workstations connected to the agency's intranet are now configured to automatically lock out usage after five minutes of being unattended, Heinl said.
The Coast Guard closed down the pathway Singla used to hack the database and shut off dial-up access to the Oracle database. "We've also rebuilt the entire database to ensure that we had no rogue passwords or IDs floating around," Swatloski said.
"We know we'll never have 100% foolproof security, but we can keep the risk at acceptably low levels," Heinl said.
© 2000 Cable News Network. All Rights Reserved.