This old article is posted here for your interest. EWA is one of the companies that will be displaying their wares at the International Association of Chiefs of Police conference in October, 2001 in Toronto.
Sharon Hobson
The Ottawa Citizen
A few months ago, a man from Sudbury was arrested for hacking into the National Aeronautics and Space Administration and National Oceanic and Atmospheric Administration computer systems in the United States.
Earlier this year, an RCMP investigation uncovered serious breaches in the Immigration computer system. Last fall, hackers broke into the Royal Military College of Canada as well as two Canadian financial-services companies, StockLogic Group and Pacific Rim Investments of Canada.
As individuals, companies and governments increasingly rely on electronic connections and databases, information security is a growing concern. Hackers with either malicious or mischievous motives are always lurking, waiting to take advantage of any chink in the electronic armour. All of this has given rise to a need for countermeasures.
Enter EWA-Canada, a small, local firm that is turning its expertise in analysing and evaluating electronic-warfare systems for the military into a commercial security service.
A wholly owned subsidiary of Electronic Warfare Associates Inc. of Herndon, Virginia, EWA-Canada had revenues of $3.5-million Cdn. in 1997. Its 30 engineer employees, gleaned from the Department of National Defence, the RCMP, the Communications Security Establishment and the Canadian Security and Intelligence Service (CSIS), are "cream of the crop," according to vice-president James A. Robbins.
Operating from 8,500 square feet of office space in downtown Ottawa, EWA-Canada provides a variety of information-technology services, including security evaluation and risk assessment, electronic-warfare threat analysis, and systems and security engineering for the public and private sectors. The facility includes a shielded room and secure communications. Personnel are cleared to "top secret" level.
While the company is still very much involved in electronic-warfare projects for the military, the part of the business that offers tremendous potential for growth is information-systems security.
The protection of information assets is more complex than preventing access, which can be accomplished to some extent by setting up firewalls -- products that screen electronic traffic coming into a company.
Protection involves prevention as well as detection and response. It is not possible to be 100-per-cent confident that you have prevented any unauthorized person from ever accessing your information technology assets. Every new software release opens up new opportunities for hackers. Therefore, it is necessary to know when someone has broken into the system -- and be able to respond by shutting down the intruder.
Hackers no longer need to be able to write software code; tools for breaking into systems are available on the Internet and can be downloaded by anyone. EWA-Canada has catalogued 1,000 hacker tools and is developing ways to counter them.
From its network security operations centre, EWA-Canada can detect and respond to a broad spectrum of attacks and intrusion attempts on a client's computer network. Within seconds of detecting unauthorized activity, EWA-Canada's equipment issues an encrypted alarm, logs the event, and blocks the source of the attack from further activity.
The company is a key player in the government's search for computer security, and is one of only four firms approved by the secretive Communications Security Establishment to supply information-technology security services.
Last year, when the Department of National Defence participated in an international military exercise set up to test the allies' communications capabilities and determine vulnerabilities, EWA-Canada was the contractor responsible for the real-time intrusion detection and monitoring system for the Canadian computer network.
The government has also contracted with EWA-Canada to provide systems engineering and project management support for a major initiative being managed by the Communications Security Establishment called the Public Key Infrastructure.
Mr. Robbins says the project, which is based on encryption software developed by Entrust Technologies Inc. of Ottawa, will allow the various government departments and agencies "to operate and exchange information in a relatively secure manner with digital signatures that will allow them to confirm who they are talking to.
"In many ways, Canada is leading internationally in terms of implementing these kinds of activities."
One of the concerns EWA-Canada emphasizes is the concept of shared risks and inherited threats. Special projects manager Paul Zatychec says businesses are increasingly interconnected both within their own organization and with external organizations. Consequently, "if a company with whom you do business halfway around the world has some security-related vulnerabilities and risks, all of a sudden, if you're connected to them, you now are exposed to those same vulnerabilities and risks.
"Our business as a company is in helping organizations to protect themselves from those inherited risks and shared threats. That's where we see our contribution in the business-information operations world."
EWA-Canada stresses that effective security solutions are not solely technology-based; they involve people and processes as well.
"The two most volatile elements are technology and people." Both are moving at an increasing rate, says Mr. Robbins, and "people need to start thinking about what are the business processes they have in place from a security perspective."
For the past three years, EWA-Canada has been involved in an international effort to determine the best business-security practices. The result has been the identification of 125 best practices related to systems security engineering, including organizational, project management and engineering processes.
Based on this, EWA-Canada can help companies conduct a self-appraisal of their processes. EWA-Canada can then assist the company in identifying where it should invest its resources to get the best bang for the security buck.
This type of assessment can be used to provide trust between connected organizations. A company can say to a potential partner, "If you've demonstrated you've got this minimum profile given to you by a third-party auditor, I will feel more comfortable in letting my network connect to your network," says Mr. Robbins.
EWA-Canada, along with Ernst & Young and the Alberta Research Council, established the Canadian Computer Emergency Response Team (CanCERT) in May to respond rapidly to information-technology threats. CanCERT's mandate is to be the trusted centre for the collection and dissemination of information related to network-computer threats, vulnerability, incidents and incident responses for government, business and academic organizations.
Mr. Robbins says CanCERT is needed because it's important to have a Canadian perspective on the problem and not rely on offshore agencies for information about threats to Canadian databases or Canadian-posed threats to offshore systems.
The first request for help in this regard came from the CERT Co-ordination Centre in the U.S. It related to a Canadian hacker attacking a Korean Web site. EWA-Canada tracked the Internet service provider and the individual responsible and terminated his account.
Of course, this brings up an interesting problem: After identifying the source of the problem, what is the next step?
"What if the Korean government wanted to prosecute?" asks Mr. Robbins. "Who do we advise? We have no mandate to do this on behalf of Canada."
EWA-Canada has established working relationships with agencies such as the RCMP and the Canadian Security and Intelligence Service, "and it's pretty well left up to our own discretion as to how to handle these incidents."
The international community is just beginning to deal with this problem.
EWA-Canada is the only Canadian member of the international Forum for Incident Response and Security Teams (FIRST), an organization established in 1992 to foster cooperation in computer-network security, prevent incidents from occurring and enable a rapid reaction when they do occur.
Mr. Robbins says that "almost daily we get warnings about threats," and the "vulnerabilities are outpacing the protective measures." But he points out that, interestingly, even after companies are hit, statistics show that a year later many of them have not implemented the protective measures that would keep them safe from any future attacks.
"There is an additional cost and expertise related to implementing the proper security measures, and in many cases they chose to accept the risk."
That leads Mr. Zatychec to observe that "information-technology security is a little like insurance. No one wants to pay the premium for the policy, but when they need it, they get very interested in it. But it might be too little, too late."
Reprinted under the Fair Use doctrine of international copyright law.
This page created August 3, 2001