Spectator on facebook

Spectator on facebook

BANDITS USE SIMPLE LOGIN TO PENETRATE NBÚ SYSTEM AND GET AWAY WITH 36,000 EMAILS

Security bureau computers hacked

THE COMPUTER system of the National Security Bureau (NBÚ), which does background security checks on people and companies that handle classified information, was broken into by hackers in April, causing concern and embarrassment to state officials.

The NBÚ suffered a "form of security failure".
photo: SITA

THE COMPUTER system of the National Security Bureau (NBÚ), which does background security checks on people and companies that handle classified information, was broken into by hackers in April, causing concern and embarrassment to state officials.

According to the SME daily, the unidentified hackers penetrated the NBÚ network on April 20 and copied data from the system for several days without the administrator even noticing that something was happening.

Responding to the revelation, NBÚ office director Ivan Goldschmidt admitted that the Bureau had suffered "a form of security failure", but added that no classified information had leaked.

The newspaper's sources in the hacker community, however, said that the hackers had penetrated four different NBÚ servers and entered the office's network, gaining access to various data such as the personal e-mails of NBÚ employees.

According to the sources, the hackers copied around 36,000 e-mails from the NBÚ computers.

The NBÚ also communicates with EU and NATO bodies. The Bureau insisted, however, that no harm in this direction had been done. According to Goldschmidt, NBÚ employees are forbidden to send classified data via personal e-mails as a security prevention measure.

Interior Minister Martin Pado said that he was "surprised" by the affair and that the police were communicating with the NBÚ over the matter.

Referring to information provided by the hackers, SME wrote that the NBÚ's computer security was poor, and that the degree of penetration was far greater than the Bureau had admitted. Hackers allegedly even managed to gain complete control over several NBÚ computers and were able to send e-mails in the name of NBÚ Director Aurel Ugor.

Goldschmidt, who spoke to The Slovak Spectator on April 26, insisted that "no sensitive information was leaked" in connection with the hacker action.

The general publicly accessible e-mail server was out of order on that day.

"At the moment the server is being re-configured for increased security," he said.

When asked who would be interested in attacking the NBÚ system, he said that it was "a matter of interest".

"These are publicly accessible servers, and as such they may become a target of such actions by people who want to prove that they are smarter than the people who work for the NBÚ," he said.

Despite the concern aroused by the hacking, officials reassured the public that no severe harm had been caused.

"The situation at the NBÚ is calm. Important data cannot be attacked even in theory," said Robert Kaliňák, the chairman of the parliamentary Defense and Security Committee following a meeting with NBÚ chief Ugor.

Ugor said that the hackers had only targeted the public servers, which were equipped with lower security.

The Attorney General's Office ordered a Bratislava court to launch criminal proceedings in the matter for "damage and misuse of a recording on information media", as the offense of hacking is listed in the Slovak criminal code.


IT security still a problem


The NBÚ leak is not the first of its kind in Slovakia. Several major business enterprises, including telephone network operators and insurers, have encountered similar problems in the past.

In 2003, confidential phone numbers, addresses, and ID numbers of the clients of mobile phone operator Orange were leaked. Then as well, the SME daily reported the story after receiving a CD with the copied data of nearly 900,000 Orange clients from a source.

Insurer Slovenská poisťovňa, mobile phone operator EuroTel (currently T-Mobile) and Slovak Telecom have encountered similar problems as well.

One year later it was revealed that the data of three million clients of Orange and EuroTel, including the phone numbers of politicians, judges, and businessmen, had been leaked on the Internet.

Although local companies and other entities working with IT realize the need for secure systems, they often underestimate the threat that poor security represents.

Juraj Sabaka, the president of the IT Association of Slovakia, told The Slovak Spectator recently that "according to the latest KPMG study [conducted in 2004] two thirds of respondents said that the level of information security was worse or even significantly worse in Slovakia than in advanced Western European states".

At the same time, however, IT security was important for as many as 93 percent of organizations polled.

Sabaka also said that "among the greatest barriers to the faster implementation of IT security in Slovakia are the low awareness of the importance of such security and the financial costs".


Beata Balogová contributed to this story

Top stories

EU roaming fees to end on June 15 – in theory

Slovak customers still waiting to find out how mobile operators will implement change.

Archaeologist pieces together early history of what is now western Slovakia Photo

For an archaeologist, the most important thing is his most recent rare discovery, says Július Vavák.

Students visited Svätý Jur as part of their European Wanderer project

How to sell Slovak books to English readers

Slovak literature makes it to the big bookstores of London, but it is unlikely to become a bestseller yet.

On Wednesday, Slovak literature will be presented in one of the biggest bookstores in London. Among the new books translated into English is also the anthology of current Slovak prose selected and translated by Magdalena Mullek and Júlia Sherwood.

General Prosecutor filed a motion for the dissolution of ĽSNS

The Slovak Supreme Court received a motion to dissolve the extreme right ĽSNS party founded and led by Marian Kotleba.

Jaromír Čižnár