Wednesday, September 8, 1999 Published at 16:31 GMT 17:31 UK
Hackers hit ministers' Website again
The Scottish Executive Website was found to be insecure
Computer hackers have again breached security surrounding the Scottish Executive's Website.
The intrusion comes less than a week after it emerged that security measures had been tightened following a warning that the site was open to attack by hackers.
Throughout the afternoon, the site was unavailable and the message "currently being updated" was posted on the home page.
A Scottish Executive spokesman said urgent talks were taking place with the site designers to find out the measures put in place since the original warning had been breached.
He stressed that the site did not contain sensitive information.
Security was tightened after a warning it was open to attack from hackers, terrorists and other criminals.
The administration's site was targeted by a group campaigning for greater precautions against information warfare.
The group said the security lapses meant hackers could have gained access and theoretically declared Scottish independence.
DNScon is a computer security conference which claims hackers, police officers and lawyers are among its members.
The group said the biggest loophole in the Scottish Executive's site lay open for months and remained open for several days after First Minister Donald Dewar was alerted to the problem.
DNScon said hackers could have planted false information on the website, such as the results of a reshuffle of the Scottish cabinet, declaring independence, or manipulating the stock market by falsely changing taxes on North Sea oil or whisky.
A spokeswoman said a number of countermeasures were immediately taken.
Members of DNScon are normally publicity shy but one representative, known only as 'Mark', said the Scottish Executive's website failed to keep up to date with the latest security measures.
He said: "The Scottish Executive site was over a year out of date when it comes to these software patches and fixes.
"So the problems were known about in the computer industry for over a year and solved for over a year but they just had not got round, through their policies and procedures, to applying them.
"The giveaway was that by typing a simple addition to a web page address you could read code that you as a normal user of the website should not have been able to see."
The campaigners said the UK was not taking the dangers so-called of Infowar attacks seriously enough.
The group likened hacking processes to the Cold War and, in painting a doomsday scenario said InfoWar could mean anything from missile attacks on enemy radar and telecom centres, to the creation of computer viruses.
Disinformation and spin doctoring have also been seen as constituting InfoWar. The end aim of all these activities, the group said, is to win publicity in the same way that terrorist bombs do.