APB Online:
      
      HACKERS WORRY MINNEAPOLIS OFFICIALS
      City Secures Its Computers as Conference Comes to Town 

      May 21, 1999 

      By Hans H. Chen 

      MINNEAPOLIS (APBNews.com) -- The arrival of several hundred
      computer hackers this weekend has prompted the city to shut down
      several vulnerable points in its computer network. 

      While the city's computer guru called the weekend shutdown "an
      opportunity to remind ourselves of network-based security," the
      conference organizer called the measures "an overly paranoid
      precaution." 

      The hackers descended today on the Minneapolis Convention Center for
      RootFest 99, a three-day discussion of computer security open to "the
      computer underground, hackers, IT professionals, government agents,
      feds," according to the conference's Web site. 

      The conference features sessions entitled "Circumventing Internet
      Censorship," and "Internet Security in Europe: State of Affairs."
      Speakers include both hackers and computer security consultants 

      City downplays concerns 

      But the city responded to the event by closing off some older 
      dial-up modem lines that a few telecommuting employees and remote 
      city agencies still use to connect into the city's network. 

      Don Saelens, the city's information technology manager, downplayed
      concerns about possible hacking attempts. 

      The conference, Saelens said, presented "an opportunity to remind
      ourselves of network-based security." 

      But Saelens did admit that the timing of the system shutdown was not
      wholly coincidental. 

      "We've been doing a number of upgrades on our own networks, and
      these were all slated to go out anyway this year," Saelens said. "I 
      have to admit, [this conference] was a reminder of network security 
      that heightened the awareness." 

      Police reportedly shut down 

      In addition, the Minneapolis Star Tribune reported that the city 
      Police Department shut down its computer network over the weekend. 
      Saelens and a police official refused to confirm the report, citing 
      safety concerns. 

      "The only thing the police is saying is we are not releasing 
      anything we are doing for security reasons," said Penny Parrish, a 
      police department spokeswoman. 

      'Hacker threat'? 

      Chris Lothos, an organizer of RootFest, attacked the city's measures 
      in a dispatch on the RootFest Web site. 

      "It's an overly paranoid precaution taken for the 'hacker threat' 
      that RootFest supposedly poses to the world at large," Lothos wrote. 

      The conference also printed on its Web site a copy of the e-mail 
      memo Saelens sent to city employees alerting them to the security 
      measures. Saelens said he's not sure how the group got a copy of his 
      e-mail. 

     >Subject FW: NOTICE TO ALL PARK BOARD COMPUTER USERS regarding Hacker
      >Conference this weekend
      >Importance:    High
      >
      >Minneapolis Park and Recreation ITS Hacker conference action plan:
      >
      >       In response to the City's action plan noted below, Park Board ITS
      >will be disabling the Park Board's Email services Friday evening, May 21st
      >through Monday morning, May 24th.  Park Board users will not have access
      >at all to their Park Board Email accounts during this time.
      >
      >In addition - Dial-In (Reachout) services will be disabled Thursday
      >evening, May 20th beginning at 8:00pm through Monday morning, May 24th.
      >The Minneapolis rec centers and other remote users will not be able to
      >access their Reachout accounts during this time.  Remote  PEIRS users
      >entering time are advised to do so by Thursday evening, May 20th by
      >8:00pm.
      >PEIRS users downtown, at the SSSC, or on frame-relay (golf courses)  will
      >be able to enter in time as usual.
      >
      >If you have questions, please contact the Park Board Help Desk at
      >661-XXXX.  Thank you for your cooperation.
      >
      >Larry Brandts
      >Park Board ITS Manager
      >
      >
      >-----Original Message-----
      >From:  XXXXXXXXXXX Sent:       Wednesday, May 19, 1999 10:35 AM
      >To:    All Exchange Users
      >Subject:       NOTICE TO ALL CITY COMPUTER USERS
      >
      >To all City Staff,
      >RootFest '99, a convention of so-called computer "hackers" will be meeting
      >in Minneapolis this weekend, May 21-23.  You may have read news stories
      >about individuals (hackers) who have used their computer programming
      >skills to gain unauthorized access (hack) into computer networks of
      >government agencies, businesses, banks, or other high-profile
      >organizations.  Sometimes, these individuals hack into computers to
      >perform fairly harmless computer pranks.  However, that is not always the
      >case.  Hackers can also infect entire computer networks with disabling
      >viruses.
      >
      >As a precautionary measure, we are reminding you of safe computing
      >practices that should already be followed, as well as some additional
      >steps we will be taking to protect the City from any unauthorized access
      >to our network.  To be successful, we will need the active participation
      >of all City staff.
      >
      >1.  Employees must turn off their computer terminals at the close of
      >business each night.
      >
      >2.  Those who have an individual analog phone line and modem should be
      >turning off the modem every night.  There are very few of these individual
      >analog lines and modems left in the City, and they are being phased out
      >because of their risk to network security.   Anyone who has one of the new
      >City image pc's does not have worry about this issue, as they are using
      >the new City standard for remote access.  If you have not had a line/modem
      >installed, you do not need to do anything except turn off your pc.
      >
      >3.  Employees will not have access to their City email accounts at all
      >beginning Friday evening through Monday morning.  There will not be access
      >to email outside of the City from Thursday evening through Monday morning.
      >
      >4.  Access to the City's network from outside locations will be
      >temporarily cancelled Thursday evening through Monday morning.  This will
      >not impact the majority of staff members, but as an example, if you can
      >currently check your City email account from home, you will not be able to
      >do so during that timeframe.
      >
      >Employees who will be at work over the weekend will have access to Insite,
      >the City's intranet, as well as the Internet.
      >   While I do not believe the City will be a target for these individuals, 
      >it
      >is a prudent business decision to follow these simple safety precautions.
      >If you have questions regarding any of these steps, please contact Wanda
      >Forsythe, in ITS Security.  Her number is 673-XXXX.
      >
      >Thank you for your attention to this matter.
      >
      >- Don Saelens
      >*  *  *  *  *  *  *  Sara Dietrich, Communications Department
      >673-XXX; 673-XXXX (fax)