You can trust government websites to be secure, right?

Ummm… Not so much. The Click2Gov bill payment system has been hacked in eight cities across the United States starting in August 2019. This latest breach of Click2Gov affects 20,000 records from those eight US cities, and while only eight cities have been breached, the compromised payment cards belong to people across all 50 states.

The Click2Gov portal reported a similar breach between 2017 and late 2018 affecting more than 300,000 payment card records from over 45 locations in the US and Canada. In response to the 2017-2018 breach, many of the systems were patched, but this latest breach demonstrates the need for ongoing security assessments to keep data secure.

“It is not known how the attacker compromised the Click2Gov Web servers, but they likely employed an exploit targeting Oracle Web Logic such as CVE-2017-3248, CVE-2017-3506, or CVE-2017-10271, which would provide the capability to upload arbitrary files or achieve remote access,” stated in the FireEye post.

Ongoing zero-day threats continue to be reported at an alarming rate.  The first step in addressing a vulnerability is knowing it exists.  Without knowing where you are vulnerable there is no way to address issues before they become breaches.  For this reason businesses need to assess their attack surfaces and minimize and/or mitigate the risk.

Want to stay ahead of the “bad guys”?

If the government of this great nation struggles to be secure, couldn’t you use a little help securing your business? Contact ITNS Consulting at (608) 563-1975 or sign up for our Business Security Gap Assessment. Don’t delay, contact us today to identify gaps in your business’s security… before it’s too late!

Sources and more information:
Ars Technica
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/

Gemini Advisory
https://geminiadvisory.io/second-wave-of-click2gov-breaches-hits-united-states/

Fireeye
https://www.fireeye.com/blog/threat-research/2018/09/click-it-up-targeting-local-government-payment-portals.html

Forbes
https://www.forbes.com/sites/taylorarmerding/2018/12/21/click2gov-breaches-show-the-power-of-zero-days/#4f8c97f87e2e

Common Vulnerability and Exposure resources:
CVE-2017-3248
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3248

CVE-2017-3506
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3506

CVE-2017-10271
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10271

Ready to have a conversation?

We would really love to hear from you! Give us a call at 608-563-1975 or fill out the form below to start working with our team.

Fill out my online form.

21 Questions to Determine if Your MSP is Ready for Prime Time or is Setting the Stage for Cybersecurity Problems
As if 2020 wasn’t challenging enough for businesses, reports warn that Managed …
The Dangers of the Inbox
There’s a greater psychological undercurrent to cyberattacks than you might think. Cybercriminals …
Securing Your Remote Workers
According to the FBI, daily cybersecurity complaints increased from 1,000 to 4,000 …
New Year, New Risks for IT & Data Security
The COVID-19 pandemic has changed everything about the world as we know …
Ransomware is on the rise again!
Many business's don't realize how common and damaging ransomware attacks have become. …
Attention, Attention… This is not a Drill!
Recently a major Health Insurance Provider sent out a “Security Due Diligence …
What is a Vulnerability Assessment, and why do I need one?
It is important to first understand that every business, regardless of size… …
Paging Doctor Google… Doctor Google, Please Report “Everywhere”.
Initially reported by the Wall Street Journal and corroborated by the New …