Upon assuming their positions, the new authorities at the beginning of 2020 found that in the Department of Informatics of the Scientific Police There was no type of record, protocol or file of how the network and the server room of that unit was and was designed. The existence of obsolete and poorly maintained equipment was also verified, along with a “constant loss of information”.
There was a need to organize and clean the wiring in the room. It was also necessary to identify connection panels with burned outlets, since as a result of a fire that occurred in 2017, the wiring had to be modified and redesigned to continue working temporarily. The burned-out patch sockets were replaced with new ones and the cables that connected the unit’s computers and telephones were “identified”.
All this is part of the explanations of the organism about the computer incident suffered in the middle of this year and that motivated several senators from the Broad Front to demand the corresponding explanations, because the problem involved the safety and preservation of a voluminous amount of judicial expertise, surveys of other data in that body. The incident had been pointed out in June of this by the journalist Gabriel Pereyra.
The request for information was presented by senators Daniel Caggiani, Charles Carrera and Alejandro Sánchez. The answer, which he agreed to The Observer, arrived last September 12 and includes a long journey of incidents reported by the office itself.
The story begins in early 2020. At that time, the National Directorate of Scientific Police maintained a decentralized infrastructure of servers and network equipment that, it is claimed, it lacked the conditions of maintenance, updates and commensurate security. His staff also evidenced a detailed ignorance of the deployed infrastructure since, among other factors, the officials who had implemented those servers and networks no longer worked there.
According to the process outlined by the ministry, in April a failure had been detected in one of the storage disks, therefore, it was considered necessary to change it in order to continue storing information. In May, a new service outage was confirmed, also detecting a total failure in the storage, which suggested that a new disk had broken.
The consequence was that, in principle, several departments and laboratories of the Scientific Police were left without access to part of the information stored there.
The report also details that In March, April and August 2019, internal complaints had been registered that already reported storage problems. There, the hiring of Linux server support technicians was requested, who were the ones who operated the distribution, “for not having trained personnel”. The purchase of a NAS server was also suggested, which works connected to a network and allows data to be stored and retrieved in a centralized point. Another suggestion was to acquire a storage with scalability to address the problem.
At the beginning of 2020, a technical report gave a more explicit account of the “degradation” of the technological infrastructure. There then he began to work on two lines of action: storage servers and networks.
According to the explanation, the information began to be migrated to the ministry’s servers in order to make room in the storage with a capacity of 1 petabyte, equivalent to 1,024 terabytes of data. It started with the oldest information, which ended up not being practical. The reason was that network connection problems arose in the whole unit, since what had been contracted for the 100 Mbps MPLS service was not enough for the volume of data to be transferred.
A virus alert and few hands
The ministerial report indicates that immediately afterwards information was extracted physically through a NAS. First it was 5 terabytes on May 27, 2020. Then another 5 terabytes on June 9. The process must have been interrupted by a “virus alert” when copying the information to the ministry’s servers.
It was also revealed that the physical extraction process was too slow, generating more information than it was possible to extract and in a short time, due to the great demand for existing work. The storage also did not allow changes, maintenance or repair of “hot” disks, due to the type of connection it used and the way it was configured.
This led, it is underlined, to the fact that it could not be turned off since the lack of credentials or information about its configuration there was a risk that it would not be possible to power on or rebuild the raid successfully, since when changing a disk it had to be rebuilt manually using the command line and not at the system level.
During 2021, a public tender was held for the purchase of a new storage, with a capacity of 1 petabyte. The investment was US$ 171 thousand. The acquisition was finalized in June this year.
“A lot of work was done to back up the information while the ministry acquired the new storage”, assured in the Scientific Police report, which clarified that “the time available to complete this task was not enough”.
The improvement works, it was stated, included increasing the storage capacity of the National Directorate of Scientific Police and the security of its network. Thus, the network equipment with capabilities for the deployment of data and VoIP telephony (through computers) were replaced. The Firewall security equipment was also changed for another with better features, in addition to training the new technicians of the agency.
The changes must have included new routers and the purchase of switches, since those that were connected to the current lacked terminals.
A new UPS was also purchased in October last year. The office had six units, all of different capacities and without maintenance, which were also connected in series, causing the second to sixth to be in “battery mode” and could not be properly used.
All the changes were made with their respective registry so that there is a memory of how they are armed. “It was possible to reverse the constant drop in service until it is currently non-existent.”
That office reported that all the skills that are carried out are uploaded to the Ministry’s Public Security Management System (SGSP), so the reported computer incident did not mean “no affectation in that sense”.
The information related to the fall, it is stated, had backup in the Interior Data Center of the information that began to migrate to external disks during 2020 and 2021, as well as part of the server itself that was not affected by the breakage of the discs.
The Frente Amplio senators are now evaluating making a complementary request considering that the Ministry of the Interior failed to respond on two fundamental points. The portfolio’s response avoids clarifying to what and how many cases the information that was compromised by the technical failure corresponded to and from what years those cases were.
