Hackers Fail To Take Down San Diego's Network During All-Star Game
Sandeno prepares to host the All-Star Game officials mobilize security police and firefighters around in part. The city was also prepping their cyber defenses. The planning seems to have paid off. It's repelled a significant effort from foreign hackers during the game. Michael Lipkin spoke with Gary Hayslip , chief information security officer, city of San Diego to learn more. How significant was this attack during the All-Star Game? I hate to say it was where, but is very common. We are finding out from talking to other municipalities and other organizations that are specially in the public eye. Yeah people that have -- want to make a statement and sometimes they brag about it on Twitter afterwards. When you think about it, we have the All-Star Game here. You have millions of people online. There watching the city of San Diego and watching the game and all the preparations and the events. You are going to have people that protest whether it is in the streets. It is something that you have to deal with if you are connected to the Internet. Regardless there's always threats when you're connected to the Internet. You are going to have to listen to people that want to disrupt the make a statement. For us, it did not knock the city off-line or anything. There was a impact because they were flooding the Internet with garbage to try to slow things down. It started about an hour before the game and then ended about an hour afterward so it was somebody making a statement. What do we know if anything about the people behind this attacking All-Star Game? Honestly, what we saw was the toolsets that were being used. They are some of the prestandard stuff that is available. It is kind of sad a lot of these different tools that are used by actors are so available. They're not that hard to use and there's even videos and documents that will walk you through a tell you how to do stuff. It is almost like launching a cyberattack in a box. The tools that they were using was common. Even then you cannot be one of the % sure just because there's all kinds of techniques to make it look like they are coming from Russia when actually it's coming from Florida. It looks like the traffic was a lot of heavy traffic was coming from overseas. The All-Star Game attracted all of this attention from hackers but what does a typical day look like for the city of San Diego? A lot of the attacks about 90% are automated tools. Lot of the entities that do this type of cyber disruption or cybercrime are just organizations to them it is a business. It's all about running different tools and getting as much out there as possible and then you find someplace that is not doing proper cyber hygiene or do updates or taken care of the networks and not doing security. Those organizations get hacked. They become doorways for these cyber actors to get in. Lot at times they break-in not because they want to break in industry stuff. Sometimes they break-in because they're looking at what this is company have to do. What are the conditions that said Eagle has that will attract hackers? The city of San Diego is a four billion-dollar business. Large organizations you have connections to a lot of third parties. You have connections to a lot of partners in a lot of different vendors. It depends on what they're looking for. Also just depends on data. We don't have intellectual property. We are not doing research like some of the research hospitals or universities are companies like welcome. We do have data. It just depends on what they're looking for. I find that not all data is the same. It's open and it's available in its out there the public so why steal it? They might want other information about citizens, which is the reason why we have to be vigilant and the reason why we take security seriously because the citizens expect us to provide secured services to them. So you said on a typical day maybe 90% of the attacks are based on these automated tools urges probing the city's defenses, but 90% of what? We probably average about 800,000 $2 million per day of like somebody knocking on the door. That is actually about average for large organizations. You have a lot of different tools that used to automate as much as possible. The clear way to shop person a you can look at the very serious stuff. The serious stuff is you have entities out there and they are using very sophisticated tools and using very sophisticated techniques. Those things have signatures. They have telltale signs that this is not normal or the average hacker tools. When you see these things that's when you collaborate. I want to talk about the number you mention. This isn't 800,000 12 million individuals that are probing the system, right? That seems like it would be very high. It is at like 1 million individuals. It is attacks that are being fired. It's a lot smaller GroupWise. Some of things that we've seen sometimes were we work with the third parties it really looks like they are proof of concept. Wherever these individuals are they have new tools and you things that they're showing L and the old fire and targets to kind of see how we respond or how we we defend against the and go back to the laboratory make some tweaks in the Dragon. That was Gary Hayslip.
As San Diego prepared for the MLB All-Star Game this July, the city mobilized firefighters, paramedics and both uniformed and undercover police officers around Petco Park. But the city was also readying its cyber defenses, and the planning seems to have paid off.
City officials said they repelled a significant effort from foreign hackers during the game, The San Diego Union-Tribune reported Wednesday. Gary Hayslip, the city's chief information security officer, said the attack managed to slow San Diego's network somewhat, but was largely unsuccessful.
Hayslip joins KPBS Midday Edition on Thursday with more on what the hackers were after and how the city rebuffs more than 800,000 attacks to its network every day.