Oh wonderful. Replacing all IT because they were hacked? Let me guess, they will use Windows, Exchange, and MS Office again on the new system. The software triumvirate screaming “please hack me”.
Removed by mod
Mate have a look at the SharePoint vulnerability. It’s embarrassingly bad. Like really really bad, and btw so bad that it’s very easy to understand and exploit. And prevent too, if a jr in my team did this I’d get them in trouble.
No no, you don’t get it.
Random Windows ‘Powerusers’ obviously know more about programming and cybersecurity than people who actually do that for a living, as a professional line of work, duh!
See, I wrote a bash file once, so I basically know everything about software dev, especially on linux as well, which is basically just the whole OS is powershell, right?
/s/s/s
https://techxplore.com/news/2025-07-fbi-national-st-paul-cyber.html
So, this actually was first detected on Friday July 25, escalated all the way up to the Emergency Operations Center on July 28 (Monday), state of emergency / near total intranet shut down (they are quarantining the whole system) on July 29 (Tuesday).
It seems to me that some kind of rather sophisticated threat actor managed to get into the core … this techxplore article calls it a ‘VPN’, but it isn’t technically a VPN, it’s a secure access tunnel system that city-gov systems and employees use to talk to each other, it almost certainly is not intended to be geared toward broad internet access/usage, beyond accepting user input from public facing government web portals, such as say, people paying their utility bills online or trying to submit a business license application online, things like that.
This system is sounding like it got fully compromised (as in, low level/high privilege level access was secured), and was either sending data out/in through improper IP addresses, and/or was possibly being hijacked to do some kind of DOS attack … on itself?
I am having a really hard time finding any exact details on this, but this is my best guess.
Given that the EOC essentially immediately shut down everything and called in a National Guard Cybersecurity team, it seems to me that there is a high chance this was done by basically a nation-state level threat actor.
It also at least seems like the systems, the data, the hardware, have at least not yet been locked down in a ransomware style move, which… could be largely due to their just quickly pulling the whole thing offline, or could be because that wasn’t the goal of the attackers… or some combination of both.
but at least Abilene was insured against such an attack
Oh, well that’s great. I hope the people, whose identity, medical records, or whatever else was stolen will be compensated accordingly. Would be a shame if the money went into building a new, just as unsafe system.
Not that anyone gives a fuck. At this point the argument is “your data had probably already been stolen somewhere else”…
Had to read the article to realise St Paul is a city name. 😅
Also, could it be a 'the call is coming from inside the house' situation?
I remember pedo party hating this mayor. It was all over lemmy during simpler times.
Also, could it be a 'the call is coming from inside the house' situation?
I think this is far more likely than China, North Korea, Iran or Russia having a sudden interest in St Paul Minnesota (a city that most people in the US don’t even think about).
Who benefits more from the crippling of city-level liberal governments and stealing their data, Trump or China? If we see ICE conducting surgical raids within St Paul in the coming months, I think we’ll have our answer.