Estimated read time: 2-3 minutes
This archived news story is available only for your personal, non-commercial use. Information in the story may be outdated or superseded by additional information. Reading or replaying the story in its archived form does not constitute a republication of the story.
SALT LAKE CITY (AP) -- Someone -- apparently a subscriber of a high-speed cable provider in Canada -- hacked into Provo's city Web site and left a taunting message.
"We didn't feel like we were much of a target -- why would anyone want to hack into the Provo city Web site?" said Robert Ridge, director of information systems. "Now that it's happened, I guess it's a higher priority than we thought."
The Web server is not connected to any computers with access to private information, such as personnel files, Ridge said.
Staffers traced Saturday's breach to an old software program the city had stopped using but left on the computer. When the vendor released notification of a vulnerability and offered a patch, staffers overlooked the warning because they did not realize the software was still there.
Hackers may use programs that crawl the Internet, searching for systems with newly publicized vulnerabilities. That may have been what happened on Saturday.
"This is a constant cat-and-mouse game," Ridge said. "It's always a race to whether they find the vulnerability and exploit it first, or we patch it first."
The hacker replaced Provo's Web pages with different pages and posted a sarcastic message with something like, "So sorry, you've been hacked."
Staffers restored the proper pages.
"It was purely a nuisance. They got no information or other gain. They didn't leave their name so they didn't even get any notoriety," Ridge said. "All they did is deny the people of Provo and the people of the world access to our Web site."
"This has been kind of a wake-up call, and now we think we know of other things we can do to strengthen our security," Ridge said. With no resulting damage, "I guess in a way they did us a favor in making us be more vigilant."
(Copyright 2005 by The Associated Press. All Rights Reserved.)