Computer hacking and theft rife in Whitehall

Hacking into Whitehall computers soared last year, with a 140 per cent rise in the number of reported incidents, according to a report published today.

An investigation by the National Audit Office, the public finance watchdog, found that Government departments reported 655 hacking incidents last year, of which 111 were successful. Most hackers were internal staff exceeding their authority to obtain unauthorised information to leak to outsiders, and got oral or written warnings. Twelve per cent of cases ended in legal action.

Last year, the Independent reported how high-security British Telecom records had been made available to members of public on the Internet. In its report, the NAO details how civil servants and outsiders conspired to defraud a Government department of £1.5m. Police are investigating and eight arrests have been made.

Other revelations included a civil servant obtaining personal details of colleagues to blackmail them; a Government official obtaining the private address of a married couple, possibly to assist in the kidnapping of the wife; and two staff members being prosecuted and fined £3,750 after leaking computer data.

Government computers are also increasingly prone to viruses and programmes designed to harm data and other software. Last year, Government departments and agencies reported a 350 per cent rise in virus incidents, to 562. Over half of these cases, NAO points out, were detected by anti-virus scanning software.

Two outbreaks were labelled "significant" by the NAO. The first was the discovery of 38 viral infections traced to one PC hard disk loaded with pirated computer games. Civil servants had been exchanging games by floppy disks or through e-mail. The viruses were the games manufacturer's own anti-bootlegging devices.

In the second, four PCs in a Government typing pool had been infected with a virus which took two days to eradicate.

If hacking and viruses were not bad enough, theft, reports the NAO, "continues to be a major problem, with portable computers, printers and laptop computers being the main targets."

There were 433 reported incidents of theft of Government computer equipment last year, a rise of 60 per cent. In all, equipment costing £1.2m was taken. This included two break-ins to the same office within three months and the loss of equipment worth £102,000.

The thieves, who have not been caught, were thought to have been "stealing to order." Likewise, the culprits behind the theft of 11 PCs and other hardware, worth £55,000, have not been found .

In one of the more bizarre incidents, somebody went to the trouble of taking a computer desk from a room and replacing it with an old one. The locked drawers of the desk were broken into, and information, mostly concerning the personal details of 300 staff, was scattered about.

The NAO acknowledges that the Government is not alone in this. The National Computing Centre's 1994 IT Security Breaches Survey, covering a cross- section of industry and commerce, found that 25 per cent of businesses had suffered theft of computer equipment in the previous two years.