City Servers Hacked

Started by patric, September 13, 2012, 12:13:45 PM


Hoss

Quote from: sgrizzle on October 01, 2012, 06:36:13 PM
What I heard is that the guy made close to $200k for a government job, hired off of Williams I think. Veteran of the Williams<->Worldcom dotcom overpay cycle before the bust and IT people started being paid based on talent.

TW says about $140k a year for his current position..and his last job was with Level 3.

sgrizzle

Quote from: Hoss on October 01, 2012, 06:54:41 PM
TW says about $140k a year for his current position..and his last job was with Level 3.

I was told he has a bonus above his salary paid for with grant money.

Hoss

Quote from: sgrizzle on October 01, 2012, 07:02:42 PM
I was told he has a bonus above his salary paid for with grant money.

Hope that wasn't a performance bonus.

tulsa_fan

Sorry, can't believe putting a police captain in that position even for an interim deal shows any more smarts than this entire fiasco

Hoss

Quote from: tulsa_fan on October 01, 2012, 11:11:43 PM
Sorry, can't believe putting a police captain in that position even for an interim deal shows any more smarts than this entire fiasco

Remember, we are talking about the CoT...

dbacks fan

Just my $.10 (inflation adjusted): at the city gov't I worked for, in ten years the total down time of the web servers, or any servers for that fact, may have added up to a total of 48 hours, and the longest down time we had was about 4.5 hours between 1am and 5am and that was because we were replacing the UPS system in the server room. We also "stress tested" our system, including the PD system, on a quarterly basis, and had outside contractors do actual hack attempts as a verification of security, and never suffered anything like this. We did have an issue with an IVR server for Parks & Rec that took a couple of weeks to resolve, but that was during a trial "turn up" period and it turned out the Dialogic card for the phone lines had out-of-box issues.

Gaspar

I know at least 3 people in Tulsa looking for jobs who have the experience and certifications to run that department.  It's not like there's a lack of talent out there.

By announcing this "interim" situation they have just alerted every recruiter in the state to start locking down available candidates. They will likely have to hire through a recruiter now and pay 3x as much, or (more likely) select a lesser certified candidate for the top pay rate.  Of course that may not be all bad, because at least then they can "test-drive" some CIOs and find one that works before permanently putting them on payroll.

I'm still having a hard time wrapping my head around how they could make such a simple mistake.  Just to figure out if there was something I may have overlooked, I had to run it by our engineers and... well, they were stumped.


When attacked by a mob of clowns, always go for the juggler.

zstyles

smile happens....this was just more public...I don't think the guy should lose his job..but it is a wake up call to step it up...but again, who knows what else went on..

Conan71

Quote from: zstyles on October 02, 2012, 08:48:35 AM
smile happens....this was just more public...I don't think the guy should lose his job..but it is a wake up call to step it up...but again, who knows what else went on..

Dude, he had two weeks to figure it out and only after the city incurred an additional $20,000 in expenses due to a mass mailing to notify 90,000 people that their personal information may have been compromised.  Never mind whatever cost and donkey pain those people have gone through assuring they have not become a victim of identity theft.  That's ridiculous.

The CIO needs to be toast.
"It has been said that politics is the second oldest profession. I have learned that it bears a striking resemblance to the first" -Ronald Reagan

sgrizzle

Quote from: dbacks fan on October 02, 2012, 02:15:40 AM
Just my $.10 (inflation adjusted): at the city gov't I worked for, in ten years the total down time of the web servers, or any servers for that fact, may have added up to a total of 48 hours, and the longest down time we had was about 4.5 hours between 1am and 5am and that was because we were replacing the UPS system in the server room. We also "stress tested" our system, including the PD system, on a quarterly basis, and had outside contractors do actual hack attempts as a verification of security, and never suffered anything like this. We did have an issue with an IVR server for Parks & Rec that took a couple of weeks to resolve, but that was during a trial "turn up" period and it turned out the Dialogic card for the phone lines had out-of-box issues.

That is a good number for downtime and about every major entity should be able to claim that.

P.S. Dialogic cards are a necessary evil.

Gaspar

Quote from: zstyles on October 02, 2012, 08:48:35 AM
smile happens....this was just more public...I don't think the guy should lose his job..but it is a wake up call to step it up...but again, who knows what else went on..

We have a couple hundred clients whose networks we are responsible for.  Every year, we have a handful that get attacked in one way or another. We typically know immediately, and shut down the attack before any damage is done.  Sometimes the attacks come from a less secure angle of the network or are perpetrated internally.  In those cases we may not know immediately and have to do a little forensics to finger the perp.  Either way, it takes only a few minutes to map the attack and determine if it's threat related or something else.

The company the city was using for their PCI compliance is widely used by companies all over the country.  Their connection and monitoring of the server(s) is very obvious and immediately identifiable.  In most cases, they actually supply a small appliance that allows them to monitor CC transaction traffic, tokenization and encryption.  The appliance has its own address on the server and a large logo on the front of it.

If the IT department was alarmed by an "intrusion" and incapable of determining the nature of that intrusion, they are very highly skilled in ineptitude. If there existed a list of reasons for firing the CIO of a company, I'm pretty sure this would register at the top of that list.

When attacked by a mob of clowns, always go for the juggler.

nathanm

Quote from: sgrizzle on October 02, 2012, 09:28:50 AM
P.S. Dialogic cards are a necessary evil.

No, Dialogic cards are an evil thing that companies who want to lock you in to their stupid proprietary software use. They haven't been necessary since the late 90s. These days you can run a busy IVR on a freakin' router if you want to. And I don't mean that all jokey-jokey. You can. You shouldn't, but you can.
"Labor is prior to and independent of capital. Capital is only the fruit of labor, and could never have existed if labor had not first existed. Labor is the superior of capital, and deserves much the higher consideration" --Abraham Lincoln

carltonplace

Is this the same City IT department that designs and maintains this awesome website?

http://cityoftulsa.org/


Conan71

Quote from: nathanm on October 02, 2012, 01:38:19 PM
No, Dialogic cards are an evil thing that companies who want to lock you in to their stupid proprietary software use. They haven't been necessary since the late 90s. These days you can run a busy IVR on a freakin' router if you want to. And I don't mean that all jokey-jokey. You can. You shouldn't, but you can.

Grizzle, I believe you have gotten the IT geek smack down.

"It has been said that politics is the second oldest profession. I have learned that it bears a striking resemblance to the first" -Ronald Reagan

sgrizzle

Quote from: Conan71 on October 02, 2012, 02:42:58 PM
Grizzle, I believe you have gotten the IT geek smack down.
No, that is more like a compatriot lamenting. He's right that people shouldn't be using them but application vendors everywhere ask for them.