- Nokia's new N97 vs. the iPhone
- 10 Microsoft research projects
- Hard to get justice in MySpace case
- Smartphone smackdown: Storm vs. iPhone
- Apple removes antivirus support page
Hackers, apparently from outside the U.S., have made one Kentucky state agency's computer network their old Kentucky home, according to Kentucky's state auditor.
In a press conference held in the city of Frankfort Tuesday, State Auditor Ed Hatchett told reporters that hackers who appeared to be from France broke into servers on the internal network of the Kentucky Transportation Cabinet, the state agency for transportation and vehicle-registration functions.
Since at least April, the hackers have been using it as a warehouse for pirated music, electronic games and movies - even new films like “Lara Croft Tomb Raider: The Cradle of Life” and “Spy Kids 3D: Game Over.”
The hackers also probably had access to bill-paying systems and state-held information such as driver's licenses, the state auditor said.
Harold McKinney, attorney in the state auditor's office, said the problems were uncovered during a recent vulnerability assessment of the state agency's computer network done as part of a routine financial audit of records.
There were signs that some activity originated from Canada and Croatia, in addition to France. The state auditor, who has no more specific information about the hackers, immediately notified the Transportation Cabinet staff about the matter and decided to call a press conference to inform the public.
The Kentucky Transportation Cabinet wasn't aware of the problem until informed Tuesday. Since then, agency staff have been busy assessing the damage and trying to answer press questions.
Transportation Cabinet spokesman Mark Pfeiffer, who acknowledged at least one server at the agency had been hacked, said the agency does not believe internal records and billing systems were compromised.
"The auditor claimed our public records and driver's license records were in jeopardy, but that's not true," said Pfeiffer, because those systems reside on separate networks that are securely separated from the hacked server.
Jim Ramsey, CIO for the Transportation Cabinet, said the hacked server is a Microsoft Proxy Server that was sitting on the edge of the agency's Internet access point. "It looks like the hackers gained access by breaking the password and setting up a subdirectory on some obscure area of it, loaded an FTP application onto it, and used it to send files," he said. "They essentially turned it into file storage for them."
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment