[September 07, 2012] County phone system hacked

Sep 07, 2012 (Kerrville Daily Times - McClatchy-Tribune Information Services via COMTEX) -- A computer hacker in Lebanon almost defrauded local taxpayers of nearly $1,500 in long distance call charges and possibly disrupted incoming calls to the Kerr County Sheriff's Office before county employees stopped the calls.







Hill Country Telephone Cooperative, rather than the county, incurred the $1,481 in long distance charges, said Kerr County Information Technology Manager John D. Trolinger. The calls, which were made to the Caribbean from unknown places, began sometime on Aug. 1 and ended the next day. The callers' identities and locations are unknown because they used the Internet to make the unauthorized calls.



Trolinger said the long distance phone calls constituted the only unauthorized use of the county's computer and phone system within the approximately two-week period when the county was vulnerable.





The vulnerability occurred because Trolinger altered a computer setting to allow the county to switch primary Internet service providers.



"I figure it took a few days for the bad guys to scan and find our phone system exposed," Trolinger said. "Then, they started using it at the start of the (phone) billing cycle, hoping to use it for a month before being discovered." County Information Technology Specialist Bruce Motheral alerted Tolinger to the suspicious telephone activity the morning of Aug. 2. Trolinger saw as many as 30 sheriff's office telephone lines tied up by unauthorized calls for as many as five minutes at a time. The county can accommodate 23 simultaneous inbound calls and 40 simultaneous outbound calls, Tolinger said.



Although 911 phone calls are handled by a different phone system, the sheriff's office often takes emergency calls.



"It wasn't a constant stream of (unauthorized) phone calls," Trolinger said. "There may have been a 10-minute period when it used every one of our phone lines, and then it would stop." When he discovered the unauthorized calls were being placed through the Internet, Trolinger went on the defensive.



"There was somebody on the other end fighting to get back in as I was knocking them off (the system)," Trolinger said. "I'd knock a connection down, and then maybe an hour later, it happened again." Trolinger discovered the unique identifying number used by the Lebanese computer, and at 1:45 p.m. Aug. 2, he defeated the hacker by blocking the number from the county's computer system.



Sheriff Rusty Hierholzer said his office still is gathering information for possible prosecution of the hacker. The amount of resources and funds required to prosecute the case would be large compared to the relatively small amount taken by fraud. Additionally, because the computer vulnerability exploited by the hacker was identified and closed, prosecution of the case may be unlikely.



___ (c)2012 the Kerrville Daily Times (Kerrville, Texas) Visit the Kerrville Daily Times (Kerrville, Texas) at www.dailytimes.com Distributed by MCT Information Services

[ Back To TMCnet.com's Homepage ]