Nerd on site

Nothing to see here, nothing to worry about, move along, folks:

Premier Comments on Security Breach
Nov 27, 2007

Premier Danny Williams says the security breach at the Provincial Health Laboratory was an unfortunate lapse in judgement, but it is not a health care issue. 35 people will be notified in the coming days that some of their sensitive health information, including their names and MCP numbers were available online during the breach. Williams says it was an information technology issue and they are dealing with it as such.

As a computer expert, Danny, of course, knows which computer security breaches are nothing to worry about, and which ones are truly worthy of the evening news and the morning papers. VOCM Reported on February 7, 2002;

Alleged computer tampering
A spokesperson with the Office of the Official Opposition says the RNC has been called in to investigate after someone allegedly tampered with their computer system at Confederation Building.

The spokesperson says government I-T specialists allegedly traced the source of the tampering to a computer in the Government Members Office.

The spokesperson would not reveal the nature of the tampering.

A spokesperson for the Premier's Office says senior officials are looking into the matter and they have no comment at this time.

The next day, the conspiracy darkened, as CBC reported:

Williams suspects electronic eavesdropping widespread

St. John's - Opposition Leader Danny Williams is asking police to expand their investigation of a possible break-in of his party's computer system.

Government computer experts confirmed Thursday that someone had tried to hack into the Tories' computers. The attempt was traced to a Liberal staffer in the government members' offices.

Williams said since then, Tory staffers have told him they suspected similar attempts had been made in the past, but that they hadn't given them much thought at the time.

The Opposition Leader said as a precaution, he's now having all his offices checked. "We would do sweeps to make sure that there's no monitoring devices in our offices...we're doing everything we can to make sure we're tight as a drum in that office," Williams said.

The Royal Newfoundland Constabulary won't comment, except to say it has computer experts working on the case.

But, as NTV followed up on February 22:

FRED HUTTON: We begin our news tonight with word that no charges will be laid in connection with an investigation into complaints by the Opposition that someone in a government member's office tried to hack in to the Conservatives' computer system.

The Opposition filed the complaint two weeks ago. This afternoon, the RNC concluded that, while the government and Opposition share the same system and someone using a computer from the Liberal offices did make several attempts to use the Progressive Conservative printer, no criminal charges will be laid in connection with the incident.

SGT. BOB GARLAND (ROYAL NEWFOUNDLAND CONSTABULARY): The computer in question had been left unattended so we were unsure who indeed was at that computer at the time that some information was sent to the printer, but indeed there were no criminal breaches, there were no breaches of protocol, and the investigation is concluded. No charges will be laid.

HUTTON: Opposition leader Danny Williams had this initial response.

DANNY WILLIAMS: Well, I'm satisfied with the process that the police have gone through. With regard to the outcome, I'm very, very concerned. I mean, we had legitimate concerns. As I said, there were just too many coincidences. You know, another contact that was made with one of our computers was Loyola Sullivan's at the time that the Auditor General's story was breaking. So, you know, we had legitimate concerns. And I think what we've done is we've nipped it in the bud. We've got it before it really got into something really serious.

What has to happen, though, is that there has to be a whole revamping of the system. The government I.T. department has to really look at how it's handling things. We're all on one server. You know, equipment is being shared throughout the building, and it's just, you know, an unacceptable system that's in place right now.

HUTTON: Mr. Williams says the entire incident is unsettling and, as a result, Opposition members are on alert.

WILLIAMS: Everybody is very, very nervous about it, especially on the basis that there's a lot of confidential, a lot of strategic, information that's contained within our offices. And the Premier made an attempt to sort of laugh this off and talk about spy novels and everything else, but you know security is a part of operating political offices, particularly I'm sure the Premier has had it done himself in his own office; he's had it swept.

So, you know, we're concerned. We're monitoring. We've hired security consultants to make sure that these things don't happen again. So we're not treating it lightly and I guess there's, you know, a lesson in it for government and for the I.T. division of government.

Tracy Barron — whatever happened to her, anyway? — reported for The Telegram the next day:

PC 'brouhaha' comes down to a misused printer
Saturday, February 23, 2002

The alleged hacking of an Opposition computer by a Liberal political staffer was actually an attempt to use a Tory printer, a two-week criminal investigation by the Royal Newfoundland Constabulary has concluded.

“We went through the whole system, we looked at it and what we’re dealing with there in the final analysis is a printer,” said Sgt. Bob Garland, RNC media spokesman.

He said the printer had been set to “share” by someone in the Tory office, which opened it up to others on the same network. MHA computers, regardless of party affiliation, are part of a single network.

Investigators have concluded there is no evidence an attempt to access a Tory computer was made. They were unable to determine who attempted to access the printer, although the terminal in question was traced back to the government members’ office.

“We have no idea who was doing it. (It was) someone from the Liberal offices, but whom we don’t know,” Garland said.

And again on the 27th:

Tories knew hacking allegation was false: expert
Wednesday, February 27, 2002

The Conservatives knew the alleged attempt to hack into their computer system was a print-sharing problem before a television crew and police investigators arrived, says government’s information technology (IT) team, which conducted the original internal investigation.

A staff member in the Tory office was told at 2:45 p.m., Feb. 7 — the same day the concern was raised and the RNC called in — that the incident related to print-sharing, which is software the Tories themselves requested, says Harry Hutchings, government’s director of information technology management.

“We told them it was only print-sharing and that there was no threat but, regardless of that, they did take the action they did,” he said.

“What happened wasn’t a breach. Their staff, we believe, knew it wasn’t a breach.”

A two-week criminal investigation by the RNC concluded no security breach occurred and the offending action was an attempt by a Liberal staffer to use a printer in the Tory office.

Brian Crawley, director of communications for the Tories, confirmed at least two people in the office, including the chief of staff, were aware the IT division had traced the attempt to a printer that afternoon. But to them, he said, that fact is — and was — immaterial.

“What we knew was that a political government employee was caught attempting to access our computer system,” Crawley said.

“Based on the fact that it was a Liberal staffer, the timing in which this attempted access occurred — the same day of the tire recycling contract (scandal) — and the history of events, Peter Noel, our chief of staff, called the RNC.”

Crawley said the RNC was called at 2:15 p.m. The opinion of the IT division was not communicated to Tory Leader Danny Williams because it was considered irrelevant, he said.