[ISN] Audit finds state servers vulnerable to cyberattack

http://www.baltimoresun.com/news/maryland/politics/bs-md-cyber-audit-20130425,0,3404521.story By Erin Cox and Carrie Wells The Baltimore Sun April 25, 2013 Servers that host internet service for more than 30 state agencies are vulnerable to a cyberattack, according to a legislative audit released this week. The Maryland State Archives, which oversees the five servers, did not update the operating systems in more than five years, auditors found. Without the protective software patches and updates, Internet service for nearly the entire state government could be at risk, Legislative Auditor Thomas J. Barnickel III said. Auditors said there was no evidence of hacking, merely a weakness in the system that could hypothetically knock most state agencies offline or direct state Internet traffic to malicious sites. The audit, released Tuesday, also found that the archives had inadequate procedures to prevent loss or employee theft of its $31.4 million art collection. The report prompted calls for a quick fix from Del. Jon Cardin, a a Baltimore County Democrat, who pointed out that the audit arrived on “the same day Wall Street suffered a near meltdown at the hands of a Twitter hacker.” […] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org