{"id":14275,"date":"2019-01-09T04:30:11","date_gmt":"2019-01-09T12:30:11","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/01\/09\/news-8027\/"},"modified":"2019-01-09T04:30:11","modified_gmt":"2019-01-09T12:30:11","slug":"news-8027","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/01\/09\/news-8027\/","title":{"rendered":"Details, details"},"content":{"rendered":"<p><strong>Credit to Author: Sharky| Date: Wed, 09 Jan 2019 03:00:00 -0800<\/strong><\/p>\n<p>It&#8217;s a few years after Y2K when the IT security team at this university gets a rude awakening, reports a pilot fish in the know.<\/p>\n<p>&#8220;They discovered that persons unknown had hacked into a university server,&#8221; fish says. &#8220;It was being used to launch denial-of-service attacks against a victim somewhere outside the university.&#8221;<\/p>\n<p>The team&#8217;s first job is <i>finding<\/i> the server &#8212; which turns out to be in the alumni office &#8212; and taking it offline.<\/p>\n<p>Then they start digging into the security logs. That&#8217;s when they find out that the attackers have been making use of the server for more than a year.<\/p>\n<p>And once they start checking on the IP addresses of whoever it is that has accessed the server, they discover it&#8217;s not just one or two hackers. It seems people from all over the world have been using this server to launch attacks.<\/p>\n<p>And <i>that&#8217;s<\/i> when the team realizes that the server still has databases full of personal information on alumni and other university donors &#8212; including almost 150,000 Social Security numbers.<\/p>\n<p>So why didn&#8217;t anyone notice that any of this was going on, or even bother to check the logs now and then in the year since it was taken over?<\/p>\n<p>&#8220;Because the server was officially decommissioned months before it was breached,&#8221; sighs fish. &#8220;Turns out nobody remembered to actually turn it off and unplug it from the network.&#8221;<\/p>\n<p style=\"font-size: 0.875em;\"><strong>While you&#8217;re trying to remember what <i>you<\/i> forgot to do, think of Sharky<\/strong> <i>and send me your true tale of IT life at <a href=\"mailto:sharky@computerworld.com\" rel=\"nofollow\">sharky@computerworld.com<\/a>. You can also comment on today&#8217;s tale at <a href=\"https:\/\/plus.google.com\/u\/0\/communities\/113252326043973101081\" rel=\"nofollow\"><strong>Sharky&#8217;s Google+ community<\/strong><\/a>, and read thousands of great old tales in the <a href=\"http:\/\/www.computerworld.com\/search?query=+sharky&amp;s=d&amp;start=0\" title=\"Sharky's archives on easier-to-navigate pages\"><strong>Sharkives<\/strong><\/a>.<\/i><\/p>\n<p><em>Get Sharky&#8217;s outtakes from the IT Theater of the Absurd delivered directly to your Inbox. Subscribe now to the <a href=\"http:\/\/www.computerworld.com\/newsletters\/signup.html\" title=\"Daily Shark Newsletter subscription page\">Daily Shark Newsletter<\/a>.<\/em><\/p>\n<p><a href=\"https:\/\/www.computerworld.com\/article\/3331904\/security\/details-details.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Sharky| Date: Wed, 09 Jan 2019 03:00:00 -0800<\/strong><\/p>\n<article>\n<section class=\"page\">\n<p>It&#8217;s a few years after Y2K when the IT security team at this university gets a rude awakening, reports a pilot fish in the know.<\/p>\n<p>&#8220;They discovered that persons unknown had hacked into a university server,&#8221; fish says. &#8220;It was being used to launch denial-of-service attacks against a victim somewhere outside the university.&#8221;<\/p>\n<p>The team&#8217;s first job is <i>finding<\/i> the server &#8212; which turns out to be in the alumni office &#8212; and taking it offline.<\/p>\n<p>Then they start digging into the security logs. That&#8217;s when they find out that the attackers have been making use of the server for more than a year.<\/p>\n<p>And once they start checking on the IP addresses of whoever it is that has accessed the server, they discover it&#8217;s not just one or two hackers. It seems people from all over the world have been using this server to launch attacks.<\/p>\n<p class=\"jumpTag\"><a href=\"\/article\/3331904\/security\/details-details.html#jump\">To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[714],"class_list":["post-14275","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14275","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=14275"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14275\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=14275"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=14275"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=14275"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}