When sending an imitated phishingmailtje to 45 councillors of the municipality of The Hague, responded, about a quarter is actually on the content. This is evident from an examination of the Hague Court, which, in various vulnerabilities found in the internal network.
The relevant phishingmailtjes were by way of trial just before the elections to the 45 councillors sent. Would a link have been included that referred to a non-existing survey. From the klikresultaten the Hague Court can infer that eleven councillors actually the link aanklikten.
The Court of auditors tilt there heavy. “One response to a phishingmail is in a real situation enough to allow an attacker the possibility to install malware on the internal network or data of the receiver to get hold of. The test displays how vulnerable the security of the internal network to attacks from outside.” Phishingmailtjes in targeted attacks usually tailor made and hackers use to install malware or access to sensitive data to scam.
The researchers came to after performing penetration tests a total of 34 vulnerabilities on the municipal network, of which fifteen the qualification is high to very high were taped. So, they obtained access to personal data of residents of the city. Most of the vulnerabilities would by now have been fixed.
According to the authors of the risk analysis is the conclusion that the municipality has taken insufficient measures to information of citizens and businesses to protect against attackers. In addition, municipalities more and more data of citizens to save because they are from the Government more tasks in situations. Further, the Hague Court of auditors, the annoying thing is that the vulnerabilities found were not known by the municipality.
The city council has pledged that the measures will take to ensure the security of the internal network to improve. So it will be each year by an external agency, the security let keys. Also staff need to be better informed and there will be ‘technical resources’ to the network connected to any intruders in a timely fashion identify.
Comments
(158)