How South Carolina Failed To Spot Hack Attack
Attackers stole 3.3 million businesses' bank details and 1.9 million Social Security numbers, cost the state $14 million for cleanup
Just one look: That's all it took for an attacker to compromise South Carolina state systems.
Specifically, a state Department of Revenue employee likely "unwittingly executed malware, and became compromised" after clicking on an embedded link in a salacious email, allowing an attacker to harvest the employee's username and password. So said a state-commissioned analysis from security firm Mandiant, released last week.
Two weeks after the initial malware infection, "the attacker logged into the remote access service (Citrix) using legitimate Department of Revenue user credentials," according to the report. "The attacker used the Citrix portal to log into the user's workstation and then leveraged the user's access rights to access other Department of Revenue systems and databases with the user's credentials."...