Student reports hacking incidents
Straits Times, By Chong Chee Kin., Thursday, 29 April 1999
A NATIONAL University of Singapore law student has made a police report alleging that her computer account had been hacked into from an account with the Ministry of Home Affairs.
Ms Anne Lee, 21, told The Straits Times yesterday that her SingNet account was hacked into on 10 occasions over four days about two weeks ago.
A protection programme called Jammer, which she had installed in her computer, alerted her to the hacker. It gave her the Internet Protocol (IP) address of the hacker’s computer as well as the dates and times of the hacker’s intrusions.
According to a record of the hacker’s activities shown to The Straits Times, the hacker had tried his luck at all hours of the day – even as early as 3 am. Once, he gained access to her computer three times in a single day.
“When I checked my computer, I was shocked to learn that someone using a program called Back Orifice had hacked into my system,” she said.
“Although there did not seem to be any files missing, there was a lot of sensitive information in the computer, and I also buy things over the Internet.”
Back Orifice allows the hacker to gather information – passwords and credit card numbers, for instance – from the victim’s computer.
The Jammer programme also narrowed the source of the attack to an account with SingTel Magix. She gave the IP address to SingTel Magix and was told that the account belonged to the Ministry of Home Affairs. She also approached SingNet.
“SingNet just said they can’t do anything about it, and told me to make a police report. I just do not understand why anyone would want to access my computer.
“It is as if I am a criminal who had done something wrong!”
She filed a police report on April 20.
When contacted, a Home Affairs Ministry spokesman referred The Straits Times to the police.
Assistant Superintendent John Chang confirmed that a report had been made, adding: “The police are still investigating this case, and the Computer Crime Branch will be handling it.”
A SingNet spokesman said it was working closely with the police on the matter and declined to give further details. He added: “As an ISP, it is our responsibility to keep our customers’ particulars confidential.
“Customers may make a police report if they suspect that their accounts have been tampered with. SingNet only sends warning letters to customers who misuse our network, such as spamming, which affects a large number of people.”
The National Computer Board’s assistant director of IT security, Mr Goh Seow Hiong, said that it was possible, but difficult, for a hacker to set his IP address to resemble one from MHA.
“The system should be able to tell that it is not the genuine address. It is very difficult to change the IP address unless the person has very sophisticated skills,” he added.
SingNet scanning computers
Straits Times, By Chong Chee Kin., Friday, 30 April 1999
MORE than 200,000 SingNet and SingTel Magix customers’ computers, or close to half of Internet subscribers here, are being scanned without their knowledge to see if their systems are vulnerable to hacker attacks.
The Internet Service Provider had asked the Home Affairs Ministry’s IT security unit to do the scan following news on March 6 that two boys who had hacked into 17 SingNet customers’ accounts had been arrested. The scan, begun last month, will continue till all customers’ accounts are covered.
This disclosure from SingTel CEO for Multimedia, Mr Paul Chong, came after The Straits Times published yesterday law student Anne Lee’s complaint to police that someone with an account in the Home Affairs Ministry had hacked into her computer.
Explaining, Mr Chong said SingTel was being “responsible” by giving customers the “value-added service” of scanning their computers.
Asked if the law allowed it to do this without customers’ consent, he said nothing illegal had taken place. “We are merely protecting the interest of our customers.”
Customers were not informed of the scan, he said, so as not to alarm them. “We do not want to make a mountain out of a molehill. In the end, the scan might not turn up anything. If we had informed the customers, it might cause an alarm,” he said.
Also, he said, “real hackers might lie low” if people knew of the scan.
He added that the scanning programme so far had shown that some users were vulnerable, and that they would be informed when the process is over.
He said MHA was approached as the ministry was the “expert” in this area – it had helped crack the case of the two teenage hackers.
He stressed that the scan did not delve into the users’ computer database, or amount to an illegal entry into computer accounts.
“There is no invasion of privacy at all. Basically, what we did was to check if the systems had open windows through which hackers can exploit,” he said.
“The scanning itself does not allow anyone to go into the computer. There was no invasion of privacy. There was no way we could access the information or data at any time.”
Elaborating, Mr Chang Wai Leong, a SingTel director, described the scan as “a policeman patrolling in cyberspace checking if the “windows’ of the computer systems are opened”.
An open “window” is an indication that a hacker might be retrieving information by using the same “language” as the victim’s computer.
The scanning programme, Mr Chang said, had no such ability to “talk” to the user’s computer, and would therefore be unable to receive such data.
Contacted last night, Ms Lee, 21, who had filed a police report on April 23, said the ministry’s IT security unit had contacted her earlier in the day to tell her what had happened.
While she was glad to know that her computer account had not been hacked into, she added: “I strongly think that the subscribers should have been informed about it because anyone with a protection program would think that their systems had been hacked into.
“And that would have caused a panic.”
‘No’ to Net scan requests
Straits Times, By ZURAIDAH IBRAHIM., Friday, 18 June 1999
Saying there was no invasion of privacy, Wong Kan Seng calls criticism of recent Net scanning ‘very unfair’
THE Home Affairs Ministry, stung by public criticism of its recent scanning of Internet accounts, may turn down future requests for the service. Stressing that there had been no invasion of privacy at all, Home Affairs Minister Wong Kan Seng called the remarks “very unfair”, and said that the controversy would deter the ministry’s information technology security unit from helping out again.
“Why get into all these controversies? Better stay out. We will say no to such requests,” he told The Straits Times in a wide-ranging interview on the ministry.
The unit had been engaged as a consultant by internet service provider (ISP) SingNet to find out the scale of the “Back Orifice” problem, which is a virus attack, among its subscribers.
It launched a computer program which scanned more than 200,000 SingNet and SingTel Magix customers’ computers at SingNet’s request.
The non-intrusive scanner was built specifically to check only the network addresses for signs of Back Orifice infection, Mr Wong stressed.
It did not go into the databases or hard disks of the subscribers’ PCs because it has no ability to do so, he added. “Why should the ministry be involved in breaking into other people’s computers? What benefit does it gain to invade people’s privacy when it is there as a consultant?” he said.
“ISPs also have a responsibility to their subscribers to ensure that the accounts are clean. Maybe, in this instance, SingNet could have told its subscribers first. But that would have the culprits and even innocent subscribers staying away. So what is the solution?”
He said he was told that the scanning of subscribers’ computers by ISPs or IT security consultants had been done in other countries, including Australia, the United States and Germany.
MHA’s IT security unit, he added, had a good record in dealing with computer crime.
In 1993, a POSB lucky draw was suspected to have an IT-related fraud in which one of the staff members rigged the computers.
It was the MHA unit which was asked to help to solve the problem.
In 1994, when Singapore Telecom suffered an interruption in its services, it sought the unit’s help.
This time, SingNet engaged the unit because of fears that its subscribers’ accounts had been compromised following the discovery of a website which displayed passwords of subscribers whose accounts had been hacked.
The ministry’s unit found that nearly 900 SingNet accounts had been infected by “Back Orifice”.
“Our people thought they were doing a good turn, and now they’re being blamed for what they thought was a service. I think it is very unfair,” Mr Wong said.