Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Failure to update software left Naperville computers vulnerable: report

From: InfoSec News <alerts () infosecnews org>
Date: Mon, 26 Oct 2015 09:18:04 +0000 (UTC)
http://www.chicagotribune.com/suburbs/naperville-sun/news/ct-nvs-naperville-computer-hack-st-1025-20151023-story.html

By Geoff Ziezulewicz
Naperville Sun
October 24, 2015
Hackers were able to break into Naperville's computer network in an unprecedented 2012 cyberattack because of a vulnerability in the city's Web software that had not been patched, even though an alert and update had been released roughly a month earlier, according to a Naperville police report.
While city hall has declined Freedom of Information requests for some records from the attack that crippled its computer system for weeks, the narrative in the police report offers previously undisclosed details.
Investigating the incident and beefing up the town's cyber defenses has cost Naperville about $760,000, though cyber security experts say the hack used very basic, off-the-shelf tools to infiltrate Naperville's computer network.
"It's a type of attack that is very common," said John Miller, a cybercrime analyst with iSIGHT Partners, a global cyberthreat intelligence firm. "Nonetheless, it still has the potential to be very damaging." 

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
Previous By Date Next
Previous By Thread Next

Current thread: