[ISN] State data systems upgraded after hack

From: InfoSec News (isn@private)
Date: Mon Oct 10 2005 - 21:00:37 PDT


http://www.adn.com/news/alaska/story/7069608p-6974390c.html

By SEAN COCKERHAM
Anchorage Daily News 
October 10, 2005 

JUNEAU -- The state is in the midst of a $7 million computer security
upgrade as a result of a cyber-assault that sliced through the
defenses of the state network.

The Jan. 18 attack affected about 110 state computer servers and
prompted an investigation by the FBI and a specialist unit of the U.S.  
Department of Homeland Security. The attack appeared to come from
Brazil, state officials said.

The hackers were "data mining" -- looking for information to steal --
according to Kevin Brooks, the deputy commissioner of the state
Department of Administration. Brooks said no information was stolen.  
But, if it had been, the attack could have led to identity theft using
personal information on the state network.

"It was kind of a wake-up call," Brooks said.

The state and federal governments will say little about the attack.  
What is known is that a Department of Health and Social Services
server was found to be "defaced," meaning its security was breached.  
The state investigation then discovered about 110 other servers with
similar signs of hacking.

That's when the FBI and the Homeland Security Department's United
States Computer Emergency Readiness Team got involved. State officials
on Wednesday refused to release the report that resulted from the
investigation, citing the federal Department of Homeland Security's
demand that it remain confidential.

State officials said they planned before the attack to ask the
Legislature for money to upgrade the computer network. But the attack
prompted them to speed it up. They drew up a proposal that would spend
$41 million on upgrades over five years.

Brooks said the state has $7 million to spend on immediate security
work before the end of the fiscal year next June. Measures are now in
place that should prevent the kind of attack that hit in January, he
said.

Brooks said part of the work is to replace technology. An analysis
after the attack revealed some of the servers and switches on the
network were outdated, he said.

Thousands of state computers are getting Cisco security software
installed, he said. The Department of Administration provided a
statement about the ongoing work from Darrell Davis, the state's chief
security officer.

"It would be counterproductive to tell those involved in fraud and
terrorism exactly what we are doing to make their criminal acts far
more difficult," he said. "(It) includes replacing significant amounts
of aging infrastructure, hardening of routers and servers, deploying
firewalls, establishing security policies and other extra intrusion
prevention measures."

© Copyright 2005, The Anchorage Daily News



_________________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org 



This archive was generated by hypermail 2.1.3 : Mon Oct 10 2005 - 21:07:24 PDT