http://www.canada.com/vancouversun/news/story.html?id=20ae6f79-876e-4bec-9a1f-e6b6ca111893
By Robert Koopmans
Kamloops Daily News
March 29, 2008
KAMLOOPS -- The security of RCMP computers used to process evidence for
a looming multimillion-dollar trial was breached from outside the
agency, exposing sensitive files to the possibility of theft and
tampering, Crown documents reveal.
The police computers were also used to view pornography and download
music and illegal software, a letter from senior Kamloops Crown
prosecutor Don Mann states.
The three-page letter, obtained by the Kamloops Daily News Thursday, was
provided to four men accused of being part of a national auto-theft ring
during a court hearing Wednesday.
The information in the letter relates to six computers that handled the
massive volumes of Project Eau evidence.
The computers, which stored and processed more than 250,000 pieces of
evidence, were exposed to viruses and the possibility of tampering after
an officer with the investigating unit hooked the computers to the
Internet, contrary to orders.
The Crown document reveals the computers were hooked to the Internet in
October 2003 and remained connected until May 2005, when Shaw notified
the RCMP that the police agency's computers were spamming e-mail to the
Internet. The breach was discovered and the connection to the Internet
shut down.
The Crown letter indicates one of the Project Eau investigating officers
connected the computers to the Internet, then used some of the machines
for a variety of personal purposes, including viewing pornography,
downloading music and video files, visiting a dating service and chat
sites and a modelling agency site. The officer also visited online
auction sites and a variety of other websites.
The name of the officer was not revealed.
The officer also downloaded various pieces of software, including
LimeWire and Free Proxy, Paint Shop Pro, an Internet chat program knows
as MIRC, the latest versions of Adobe software and WordPerfect. Some of
the downloaded software was pirated.
During the nearly 20 months that the computer bank was improperly
connected to the Internet, one of the six computers became infected by
at least four viruses.
One of the viruses was running a script that made it a part of what is
described in the letter as a "zombie network" used to distribute spam
e-mail unknown to the RCMP.
The nature of the spam e-mail or where it originated isn't known, but
spamming e-mail is widely considered an unethical or illegal activity.
Individuals often use spam to market or sell, among other things,
pornography and gambling sites and grey-market, or illegal, drugs.
A team of investigators from the RCMP's Integrated Technical Crime Unit
examined the computers after the RCMP was notified of the breach.
"A detailed examination of the infected computer revealed that three
known virus programs and one unknown virus program had been running ....
The viruses in question include the ability to open a backdoor whereby
the computer can be controlled for an intended purpose, which would
include the ability to view, copy, delete or change any file on the
infected computer," the Crown's letter to the accused men reveals.
The letter also states the examiners could not conclude that the files
on the computers were not compromised. The team was of the view,
however, the likelihood of files being affected was "extremely low."
Copyright The Vancouver Sun 2008
___________________________________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
