DEP did not provide additional information about the computer outage, which affected a variety of online databases used by the public, but agency acting public information officer Jake Glance said that the computer system downtime “was not the result of hacking.”
On Wednesday, the internet technology firm Recorded Future had reported that the DEP was one of 60 government agencies and universities in the United States and the United Kingdom where computer systems were compromised by the hacker known as Rasputin.
The report described Rasputin as “a Russian-speaking and notorious financially-motivated cyber criminal.” DEP appeared to be the only West Virginia institution included in the hacking. Other U.S. agencies ranged from the Virginia Department of Environmental Quality to the city of Pittsburgh and the National Oceanic and Atmospheric Administration.
The release of the Recorded Future report coincides with the timing of a more than weeklong outage of DEP’s online databases that allow public searching of mining, other permits, and a variety of other environmental protection data. Those systems went down on Feb. 7 and were restored Thursday morning. On its Twitter feed, DEP has several times acknowledged “technical difficulties” with those online databases, but has not offered any further explanation.
The Recorded Future disclosure was picked up and reported by various technology websites and publications, including Computer World and ZDNet.
Several hours after the Gazette-Mail posted a short story citing the Recorded Future report, Glance said in an email message, “The recent downtime of the WVDEP network was not the result of hacking. Your story is false.”
Glance did not provide any additional information in response to questions about the cause of the outage of DEP’s computer systems and declined to clarify whether he was saying that DEP did not believe that any hacking of its computer systems had taken place.
Massachusetts-based Recorded Future said that the systems at DEP and other institutions were compromised using “SQL injection,” a common vulnerability of databases that are managed using Structured Query Language, or SQL.
In such attacks, hackers instead of entering data to search for instead enter an SQL database command of their own to change the underlying data.
“SQL injection has been around since databases first appeared on the internet,” the Recorded Future report said. “When a user is allowed to interact directly with a database, through an application in a web browser, without checking or sanitizing the input before the database executes the instruction(s), a SQL injection vulnerability exists.”
©2017 The Charleston Gazette (Charleston, W.Va.) Distributed by Tribune Content Agency, LLC.
