Cyber attacks and hacking attempts are keeping at least one North Texas city extremely busy. In the first three months of 2018, the city of Fort Worth’s technology team blocked almost 17 million attempts to crack passwords and more than 700,000 attacks against city servers and e-mail, officials said.
“We have a lot of information as a local government that we collect on our customers and employees and people in the community,” Fort Worth Chief Technology Officer Kevin Gunn said.
Gunn said the city is seeing more sophisticated attempted attacks coming from foreign countries.
The latest news from around North Texas.
“The most recent are state-sponsored hackings from places like China, North Korea, Russia – activities from overseas,” Gunn said. “They are increasing in sophistication because they have the resources behind them to put into research and development of those attacks.”
While techs have successfully stopped most attacks and hacks, Gunn said some smaller attempts have been successful.
“We’ve had a few small breeches…one or two accounts that have been compromised,” Gunn said.
Gunn cited one successful attempt in particular where an employee’s log-in was hacked and the hacker changed direct deposit information; having their employee’s paycheck funneled to an account they controlled.
“This is not people sitting at the keyboard trying to crack our passwords,” Gunn said. “They have a computer running and they are trying to make multiple attempts per second against or computer system so it is an automated attack on us.”
Gunn likened the constant attacks as someone walking by a locked door and constantly checking it.
“They are walking by jiggling the handle seeing if they can get in and we have to constantly be focused on keeping the handle locked,” Gunn said.
While the city has only had small breeches techs are aware of the magnitude of what could happen.
“In Atlanta, they went in and encrypted all of the files on the servers to the point that the servers wouldn’t operate and they said ‘pay us a ransom’ and we will give you the key to unencrypt the server information,” Gunn said.
Fort Worth findings from January 2018 through March 2018
• Blocked 704,000 attempted vulnerability exploits from the Internet (540,000 towards web servers, 18,000 towards email)
• Blocked 16.9 million brute force password cracking attempts on web applications
• Blocked 3,260 spyware downloads
• Blocked 1,350 virus downloads
• Blocked 21,840 attempts from users browsing malware hosting sites
• Detected and remediated 232 successful malware downloads
• Log 15 million mentions online (2.6 million documents, 206 dark web posting, 13,000 social media posts, 12 million other)
• Investigated 76 data leaks with potential credentials compromised
• Investigated 18 brand protection cases including 6 brand misuses and 10 phishing sites (Fort Worth domain impersonations)