Hackers Target Cal-ISO System
Industry Type: Power and Utilities
Like the Salt River Project incident, this incident appears to be rife with conflicting information. The best data we have is that a relatively inexperienced hacker was able to exploit two Solaris servers that were part of a development network at Cal-ISO. These servers were supposed to be protected by a firewall, but in reality they were connected directly to the Internet. In addition, the Cal-ISO system administrators left the servers with all the software installed by the default setup, leaving numerous vulnerabilities open to exploitation. (#1)
The original LA-Times article states:
The system also lacked the ability to collect a record of events in a secure place, instead leaving them on the computers that the intruder could access. The investigators could not easily detect which files had been changed. A rudimentary root kit—a tool set used by Internet attackers to take total control of a system—had been installed, but other details could not be discovered.
“There was an obvious attempt made to penetrate our systems,” said Greg Fishman, spokesman for Cal-ISO, who would not give any more details. “They were able to achieve minimal penetration into a system that we use to demonstrate software. This was never a threat to our core operations.” (#1)