Re:Get an incident handler in there (Score 1)

I agree with you as of the incident handling procedure. Now everyone just go out blaming people probably without knowing the real deal. I am sure nobody will know any information as to where that came from or how it got in, but apparently they were not the only ones hacked. Here is Maryland we also had a couple of companies that did not know if that was related to Windows updates or what, ut were also part of this attack. Obviously this city was not the only organization hacked. Checked this article here: http://www.washingtonpost.com/wp-dyn/content/article/2010/02/17//AR2010021705816.html If you really are as smart as you sound why dont you offer them your consulting expertise. I am sure they are looking to either beef up their security personnel, get rid of them, or establish better/stronger security best pratices. I can see how blown out of proportion the news down there where -as with everyting the media does to get ratings- they probably opened up their mouth to the media too quick. We will never contact the media until a full assessment of damages is done, a penetration test is completed, and the communications department gives the proper authorization to communicate with the media. As far as the sophisticatino of these new blended threats, even large corporation with LOT$$ of Bandwidth ($$) can't even compete with these hackers. I have been in their position before and all I can say is kudos to them for even catching the source with enough time to stop the spread. It could have been worse.