UK Government Server ‘Hacked’

When is a ‘hack’ not a hack? Although the National party achieved some embarrassment for the Treasury IT staff they seem to have failed in their attempts at Question Time to score any hits over the ‘hack’.

It seems someone used a search box on the Treasury website and the search function returned answers that it should not have returned. A similar situation occurred in the UK, only this time it was Google that indexed information that it should not have had access to.

Someone in the Parliamentary Digital Service managed to leave a server so completely exposed to the internet that Google indexed the Windows machine’s operating system.

Register reader Chris, who stumbled across this while searching for something related to a Google update, discovered that sizeable chunks of bills.parliament.uk , well beyond what should have been firewalled off from the wider world, were exposed online.

“Looks like they were potentially exposing the entire system drive of the Windows webserver as read-only for some time,” he commented.

The information exposed through Google’s cache (the server itself seemed to have been taken offline) appears to contain large chunks of a Windows OS running, among other things, VMware, cygwin, Sophos antivirus, the Lynx WWW client, Splunk, Perl and the usual suite of Windows services.

While the read-only access provided through Google is merely embarrassing at best, and could provide some clues for black hats determined to break in for whatever reason, it is not known whether the exposure of the server itself was read-only or whether write access was available as well. […]

TheRegister


Obviously, the NZ Treasury is not alone in making server configuration errors, but there does not seem to be any headlines in the UK claiming sustained and deliberate hacking attempts after a search engine returned some inadvertent results.

Surprising as it may seem, technology and IT staff are not perfect. Admit the error, blame ‘an emotional junior staffer’ and move on but don’t claim ‘sustained cyber attacks’ because someone looked in an open shop window.

52%
×