BY Bill Rankin, Communications Officer, Communications and Citizen Engagement Sector
Photos: Bill Rankin
“As the offender population changes, so does technology. The populations we manage are not standing still in the technology race. For each advance that we make in maintaining order, they have a vested interest in subverting.”
The speaker was Paul Urmson, Acting Deputy Commissioner, Prairie Region, addressing participants at the annual week-long National Security Equipment Committee meeting in Saskatoon this past May. The audience comprised almost 70 professionals from across the regions and their provincial counterparts, all of whom share the same concern: safety for staff and inmates within correctional institutions.
Included in the event was a trade show where approximately 40 suppliers and manufacturers demonstrated the latest in hi-tech gear and security technologies, most of which are highly specific to the needs of correctional security. It was an opportunity for managers to see what’s available in a marketplace that is expanding in leaps and bounds.
It was also a chance for staff to don their strategic thinking caps and brainstorm about common objectives in security operations, both for the short term and the future. In his speech, Urmson underscored the Correctional Service of Canada’s (CSC) commitment to public safety and its responsibility for managing a changing offender population both in institutions and in the community.
Many of the issues he highlighted — electronic threats to security, in particular — are global in nature, challenging criminal justice organizations almost everywhere. As more and more of the world’s population becomes dependent on computers and related storage and communication devices, opportunities increase to bend these new technologies to illegal purposes: as a means of communication between criminals, a tool for theft and extortion, and as a repository to hide incriminating evidence or contraband.
Electronic devices range from mainframe computers and pocket-sized personal data assistants (e.g., a BlackBerry) to the diskette, compact disc and miniature electronic chip devices. Text, images, audio and other data on these media can be quickly altered or destroyed, and many of these devices, such as thumb drives (see photo) and key-stroke loggers, are easily concealed.
To keep abreast, law enforcement agencies need up-to-date knowledge and equipment to investigate this modern breed of criminals that use established and emerging technologies to support their illicit operations.
Ted Reinhardt, CSC Director of Information Technology (IT) Security, is an advisor with years of experience battling electronic threats. Reinhardt and all Information Management Services (IMS) staff are on the alert 24/7, protecting the Service’s networks from external and sometimes even internal attackers. Much of their demanding work goes on in the background, leaving CSC employees blissfully unaware of any threats until one actually penetrates defences – a rare occurrence – and interferes with their day-to-day work.
External threats come mainly from the Internet, the wild frontier of our age, where speed-of-light communications render both distance and geography meaningless. An attack on a network can be mounted from Tokyo just as easily as from Toronto.
“When you connect your computer to the Internet,” Reinhardt explains, “you can expect an attack within one minute.
“But don’t take it personally,” he adds with a wry smile. “Most of these attacks are automated and aimed broadly, at nobody in particular.”
To put the situation in perspective: of the close to 100,000 electronic messages that reach CSC every day through the Internet, approximately 60,000 are spam and roughly 350 contain viruses. Do the math and you will see that over the course of a year, the numbers add up to a forbidding amount — a constant bombardment from an enemy that never sleeps. IT Security has been very successful in keeping the “undesirables” out, but occasionally one manages to breach the CSC firewall. Most employees will remember the Sasser Worm two years ago, a “denial-of-service” worm that disrupted workflow without being capable of actually accessing the network.
Not all the attacks are simply a form of vandalism. Skilled hackers try to penetrate networks to gather vital security data that is specific to CSC. But they are after much more than money-related information: intruders also want access to a computer’s resources, meaning its hard disk space, fast processors, and Internet connections. They hijack computers and turn them into “zombies” that spew out spam promoting everything from vitamins to Viagra or use these resources to attack other computers on the Internet. In fact, the more computers an intruder uses, the harder it is for law enforcement to figure out where the attack is really coming from. If intruders can’t be found, they can’t be stopped — or prosecuted.
Another ploy of on-line hackers is “phishing,” in which fraudulent e-mails are sent to unsuspecting individuals. These highly sophisticated fraud artists pose as persons of importance in positions of trust, such as a banker, and using bogus but very authentic-looking log-in screens, ask for personal information such as employees’ names and account numbers so they can solve “urgent problems.”
IT Security staff also spend a lot of time repairing vulnerabilities in software programs used by CSC. When one is detected, it must be eliminated by applying a “patch” — a corrective measure in the form of updated software. Without the patch, the weakness could be exploited by hackers who lie in wait for such opportunities to wreak havoc.
Once the weakness is discovered, patch notifications are sent out, often by the manufacturer, to software users. That’s when the clock starts ticking. The challenge for IMS staff is to test the new patch’s effectiveness and apply it quickly to CSC’s thousands of servers, desktops and laptops (which are often on the road) before trouble starts. It’s a race against time, with employees sometimes working flat out, day and night, to avert the threat.
Reinhardt says that employees sometimes unknowingly disrupt the network by trying to download unauthorized software onto their desktops. “Let me give you an example,” he explains. “You just got a new digital camera for Christmas. It comes with a little software program for loading photographs onto your computer. Seems innocent, but it may cause serious problems because it’s not compatible with our critical service delivery infrastructure, it may interfere with large network systems or compromise our security mechanisms. Some of these little software programs act like miniature Web servers and, unsuspectingly, you end up sharing not only your snaps of Santa Claus but your sensitive documents as well.”
Technology is developing at such a fast rate that devices that were unimaginable 10 years ago are now in the hands of the average consumer. Who would have thought even five years ago that millions of Canadians would be carrying cell-phones that are also cameras and MP3 players all rolled into one?
“These gadgets are so easily accessible,” Reinhardt comments. “I look at the flyers I get in the newspaper every week that advertise these goods and I think of them as ‘threat-of-the-week’ magazines. The emerging technology is so powerful, yet so cheap. One of our jobs in IT Security is to ensure these devices are kept off the network and out of our institutions.”
Inside CSC penitentiaries, miniaturization of technology is a concern. There are cameras available on the market the size of a grown man’s finger and radio transmitters half the size of a fingernail. They are a challenge to detect.
Another serious problem is the encroachment of housing on institutional perimeters. With new homes come new communications services, including access points for cell-phones and other wireless devices (e.g., a BlackBerry) and wireless Internet. The indiscriminate broadcast of radio- and micro-waves often extends outside the neighbourhood, through fences and walls and into the institutions. If an inmate manages to smuggle in a device that is capable of receiving these broadcasts, he/she may be able to gain access to local wireless networks, and instant communication with the outside world.
“To counter this, we do physical searches and electronic sweeps,” says Reinhardt. “And we place a heavy reliance on staff awareness; that’s what gives us in IT Security the biggest bang for our buck. A combination of awareness, monitoring and implementing technical controls keeps us on top of this problem.”
Reinhardt urges everyone to educate themselves about computer security and heed the warnings that IMS staff post through the e-mail system. There are a number of simple steps that everyone can take to protect themselves and the network:
By taking the time to follow these steps, employees can help ensure the security of IT systems and make life easier for IMS staff. We all benefit from a more secure IT network. ♦