ON AIR NOW

LISTEN NOW

Weather

cloudy-day
64°
Cloudy
H 66° L 36°
  • cloudy-day
    64°
    Current Conditions
    Cloudy. H 66° L 36°
  • cloudy-day
    37°
    Morning
    Cloudy. H 66° L 36°
  • cloudy-day
    45°
    Afternoon
    Partly Cloudy. H 47° L 29°
LISTEN
PAUSE
ERROR

Krmg news on demand

00:00 | 00:00

LISTEN
PAUSE
ERROR

Krmg traffic on demand

00:00 | 00:00

LISTEN
PAUSE
ERROR

Krmg weather on demand

00:00 | 00:00

Local
Security firm: City of Tulsa's 'hacking' SNAFU not company's fault
Close

Security firm: City of Tulsa's 'hacking' SNAFU not company's fault

Security firm: City of Tulsa's 'hacking' SNAFU not company's fault
Photo Credit: Russell Mills

Security firm: City of Tulsa's 'hacking' SNAFU not company's fault

A security company which performed a test on Tulsa's website that city IT employees interpreted as a hacking attack says a simple check would have prevented the false alarm.

The city hired SecurityMetrics, based in Orem, Utah, to conduct tests on the city's web infrastructure, probing for security risks.

The company did so and found some vulnerabilities, particularly in the Tulsa Police Department's site.

But despite the fact that SecurityMetrics had been hired by the city and sent a report on its findings by email the next day, something led city IT employees to believe someone had breached the web server's security.

They shut down the city's website.

Tulsa City Manager Jim Twombly ran a check on the IP address of the computer from which the apparent "hacking" attempt had been launched.

Twombly told KRMG that IP address checked back to a known spamming website, but statements by SecurityMetrics indicate that's not the case.

They say they used an IP address registered to their company and a simple trace back to the source should have allayed any fears of an attempted hacking attack.

Moreover, no one from the city apparently attempted to contact SecurityMetrics about the supposed breach for quite some time.

It took three weeks for the city to figure out what had actually happened and the website remained down for that entire time.

Parts of it remain down, particularly the police website, which Twombly indicates will have to be rebuilt "from the ground up" due to its security vulnerabilities.

KRMG contacted SecurityMetrics and spoke with Amanda Harmon, Manager of Corporate Communications.

She said the people who had worked on the project or could comment on what happened on the record were all unavailable Thursday and they apparently could not be reached by phone.

Nor could she go on the record to answer any questions.

She did send KRMG a brief written statement, included here in full:

SecurityMetrics conducts regular vulnerability scans for tens of thousands of clients each month and uses an identical process to notify all account managers of scan results following each scan completion. In addition, each client has 24/7 online access to their SecurityMetrics account which includes times of past and future scans, and individual scan vulnerabilities. Although there was no breach, we applaud the City of Tulsa for implementing a punctual and accurate response process.

KRMG called back to ask for clarification of the company's characterization of the city's response as "punctual and accurate."

Harmon said she believed that referred to the city's decision to immediately notify "the authorities" and take the website offline, due to its belief that the site had been hacked.

Read More
VIEW COMMENTS

There are no comments yet. Be the first to post your thoughts. or Register.

  • Japan’s recent decision to up its patrols in response to rising appearances ofimplies there might be a serious problem with North Korea’s food supply. >> Read more trending newsThe Guardian reports that at least 28 North Korean boats washed ashore or were found adrift in Japanese waters, the result of North Korean fishermen’s decision to push farther and farther out to sea to make bigger catches for their military, citizens and exports to China. Several of the vessels found were “ghost ships,” labeled as such when found with either a dead or missing crew. Though the number of stray vessels found in Japan this year is consistent with last year’s number, some have expressed concern for the high number of ships found in November compared to the number found last November. The Washington Post offered possible explanations for the spike in appearances, including food shortages which may be the result of tougher sanctions recently passed against the country. “North Korean fishermen have to work harder than ever before, and they have to go farther out into the sea, but they don’t have new boats,” said Atsuhito Isozaki, associate professor of North Korean studies at Keio University in Tokyo. “Plus, North Korea doesn’t have enough gasoline anymore, so they’re running out of fuel.” The concerning state of North Koreans’ food supply was highlighted last month following the dramatic rescue of a North Korean soldier who defected while on duty. Oh Chong Song abandoned his post in November and began to run toward South Korea. He was shot at more than 40 times by his fellow soldiers, and at least five bullets hit him. South Korean soldiers were able to crawl to the area where he lay and he was transportedto a hospital by a United Nations Command helicopter. While rushing to save his life, trauma surgeon Lee Cook-Jong discovered parasitic worms, some were over 10 inches long, in the soldier’s digestive tract. The worms, which have been discovered in other defectors, indicated the use of a detrimental, government-backed approach to health and agriculture in the country: night soil. “Night soil” is a fertilizer made up of human excrement and used by North Korean farmers. There is a perception in the country that night soil makes food taste better and the method has even been personally supported by dictator Kim Jong-Un. The five-hour surgery consisted of removing a bullet, fixing a number of wounds caused by the bullet and removing the parasitic worms that were making their way out of Oh Chong Song’s body. “In my over 20-year-long career as a surgeon, I have only seen something like this in a textbook,” Cook-Jong later said of the flesh-colored parasites he found.
  • Don’t accuse men of overreacting when they’re sick —, according to a new study. Dr. Kyle Sue, a clinical assistant professor in family medicine with the Memorial University of Newfoundland, published an article in the British Medical Journal, contending that men seem to experience worse symptoms of cold an flu than women. >> Related: 7 ways to prevent your child from getting the flu this season Sue’s study also noted that U.S. research showed men had higher rates of deaths linked to flu compared to women of the same age. “I do think that the research does point towards men having a weaker immune response when it comes to common viral respiratory infections and the flu,” Sue told The Guardian. “This is shown in the fact that they [have] worse symptoms, they last longer, they are more likely to be hospitalized and more likely to die from it.” In Ohio, for example, the flu seems to be impacting populations earlier than usual this year. The Ohio Department of Health said the state is above the five-year average for the number of cases reported at this time of year and “significantly higher” than the same time last year. 
  • The acting head of the Oklahoma State Department of Health says a $30 million cash infusion from the Legislature will help pay vendors and fund layoffs. Acting Oklahoma Health Commissioner Preston Doerflinger made the comments Monday during more than two hours of testimony before a House panel looking into the agency's budget problems. Doerflinger announced last week that 198 employees at the department would be laid off to reduce costs.  He says some of the $30 million will be used to give laid-off employees a cash payment equal to 18 months of health insurance premiums. Doerflinger says more systemic changes are needed to permanently stabilize the agency after years of mismanagement.
  • The University of Oklahoma Board of Regents scheduled to meet Tuesday amid calls for board member Kirk Humphreys to resign. Humphreys compared gay people to pedophiles during an interview with an Oklahoma City television station that aired on Sunday. An OU alumni group called for his resignation. The student body president encouraged the campus to voice its opinion on Humphreys' 'ignorant' words.” OU's president said he disagreed with the views. Humphreys said in a statement Monday night that he regretted his comments and that he didn't mean to equate gay people with pedophiles.