Sunshine state is a hackers' paradise

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.news.com.au/couriermail/story/0,23739,25732782-3102,00.html

By Daryl Passmore
The Courier-Mail
July 05, 2009

THE personal details of millions of Queenslanders are at risk from hackers 
and identity fraud due to poor security in State Government computer 
systems.

The vulnerability, which could leave people exposed to identity fraud, was 
revealed in a damning report by the Auditor-General.

The checks found that of eight departments in the so-called Smart State, 
only two had intrusion detection or prevention systems to monitor networks 
for security breaches.

"Consequently, if a skilled attacker was to succeed with a network level 
intrusion, it's unlikely to be detected," said Glen Poole's report to 
Parliament last week.

"The audit of IT network security found that except for one entity, the 
level of security is that of a medium-size business rather than a state 
government department holding and processing sensitive information."

[..]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php