CYBERFAIL: Hold somebody accountable

As relates to Coeur d’Alene’s recent cyberfail, wherein the city failed to properly safeguard infrastructure through awareness, systems and training, Hammond should resign — as should whomever has explicit responsibility for the city’s IT infrastructure.

It would be interesting to hear from Councilmember Gookin who — as far as I know — is the only sufficiently technical adult operating in city leadership.

Hammond says, “We had a malware incursion.”

Happy to clarify that for you, Jim. That’s not really how malware works. Ask Dan.

It’s more an invitation at play than an incursion, you see.

In practically all cases of malware penetration, someone — normally unwittingly — invites it. There are myriad methods for this (e.g., phishing, spear-phishing, vishing).

It is a distortion to characterize this as an incursion. It is almost certain that someone was duped or irresponsible. Likely both.

Now spastically developing a tolerable security scheme going forward, the city must also resolve who invited the malware and how. Apparently, this is — only now — what the city is paying a third-party firm to do. The city also needs to determine a method to inform the taxpayers it failed and betrayed.

The remediation efforts are an indictment of leadership dressed up as a service to taxpayers. Laughable.

Someone needs to be held accountable.

“It’s really difficult to be completely foolproof,” Jim says.

Pray tell, Jim, who was the fool here?

E.F. FRAZIER

Worley

P.S. It’s not really difficult, but it does require intentionality. Is it the 21st century yet?