Hacker breaks into website of Canadian nuclear agency

Incident prompts security fears

Ian MacLeod, The Ottawa Citizen
Published: Thursday, February 08, 2007

A brazen hacker attacked the Canadian Nuclear Safety Commission website yesterday, littering it with dozens of photographs of a nuclear explosion and raising concerns about the security of information held by the nation's nuclear watchdog.

The incident was discovered about 3 p.m. by a Citizen reporter. All of the commission's current and archived news releases, dating back to 1998, were renamed as "security breaches" and, when opened, a colour photograph of a fiery mushroom cloud appeared under the heading "For Immediate Release."

An accompanying caption read: "Please dont (sic) put me in jail......oops, I divided by zero."

The pages were disabled minutes after the newspaper contacted the agency.

The incident, however, underscores concerns about information security at the commission, which regulates nuclear safety in Canada.

"The fact that it's a nuclear safety commission understandably raises eyebrows because it raises the question about the broader security of their computer systems," said Michael Geist, an Internet and e-commerce law expert at the University of Ottawa.

"The reality is that governments make a particularly juicy target because there's the prospect of broader (media) coverage and they're viewed by many within that (hacking) community as being more secure and therefore more of a challenge."

Because the hacker boldly announced himself on the site's media section, as opposed, for example, to attempting to quietly alter site information, "there's probably no reason to suspect that serious damage was done," said Brian O'Higgins, chief technology officer with Third Brigade, an Ottawa Internet security firm.

LinkHere