A costly reminder of the need to patch and update promptly.
Geoff Ziezulewicz reports:
Hackers were able to break into Naperville’s computer network in an unprecedented 2012 cyber attack because of a vulnerability in the city’s web software that had not been patched, even though an alert and update had been released roughly a month earlier, according to a Naperville police report.
While city hall has declined Freedom of Information requests for some records from the attack that crippled its computer system for weeks, the narrative in the police report offers previously undisclosed details.
Investigating the incident and beefing up the town’s cyber defenses has cost Naperville about $760,000, though cyber security experts say the hack used very basic, off-the-shelf tools to infiltrate Naperville’s computer network.
Read more on Chicago Tribune.
According to the article, the CMS vendor as Ektron, and the city claims the company never notified city staff about the vulnerability.