An interesting read. The three stand-out facts, however, were that the
City of Baltimore had "very little backed up", that they were taken in
by a phishing attack and that they were warned three years ago of the
potential danger to their inadequately protected systems. The first is
forgiveable, it can happen, but the rest?
We can also surmise that security inside the City networks was very
poor indeed, because one attacker was able to damage so much.
"The hacker, not the city, is to blame" - Well, no, I don't buy that.
Certainly the hacker is to blame for the attack, a reprehensible and
criminal act. But the City is to blame for the magnitude of the loss.
They were even warned about the problems and the potential for
disaster, and still failed to deal with it.
Just because it's a hacker, we get outraged. But it could have been a
flood, a fire or an earthquake. A large part of the fault lies with the
City for allowing itself to be so vulnerable.
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (
ka...@biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389
GPG fingerprint: 8D08 9CAA 649A AFEF E862 062A 2E97 42D4 A2A0 616D
Old fingerprint: A0CD 28F0 10BE FC21 C57C 67C1 19A6 83A4 9B0B 1D75