360 Degree Cyber Security, LLC

Why be surprised?


Recently I was hired to perform network security monitoring of a large municipality in Delaware.

The town manager and IT director knew they were in for an eye-opener, but not one as wide as when I showed them the persistent attack their network was under.

The municipality initially felt that they would be less of a target because they are in Delaware. Really, who would attack a municipality in one of the smallest states in the United States? The feeling of security through obscurity, combined with denial, was enough for them to consider the risk negligible. There is nothing in the municipality that would benefit an attacker; there is nothing that could be a financial target. Really, attack us in Delaware? Yeah, right.

But alas, after they finally agreed to give network security monitoring a try, a sensor was installed to watch what was really going on. Within a matter of hours, a pattern was starting to appear. But to be sure, and to have a good understanding of what was really going on in and to their network, three days were allowed to pass as a period of acclimation.

After several questions were answered to help tell friend from foe, it was clear that an unknown, probably foreign entity (based on the originating IP) was trying to brute force its way into the town’s networks. It was not the standard port scan, which may be a potential sign of things to come. It was full-on brute forcing of user names and passwords in a slow, meticulous manner, at just over 200 times an hour.


Sure, nothing happened. And maybe, given enough time, the attackers would have found something that worked. But why leave it up to being surprised when something does happen? This municipality took the right step. An ounce of prevention and planning goes a long way in maintaining the security of your network and information.

About the Author


Chris Wolski is the founder and principal consultant of the small business and municipality focused cyber security firm 360 Degree Cyber Security, LLC. He is currently certified by the International Information System Security Certification Consortium as a Certified Information Systems Security Professional and by the SANS Institute as a Global Industrial Cyber Security Professional. Active in the information security community, Chris volunteers his time at BSides Delaware and to various individuals seeking to be mentored in cybersecurity. He frequently researches industrial devices to discover weaknesses that would present a problem for users of those devices. Chris got his start in cyber security in the U.S. Navy, where he served in various information security and signals intelligence roles over his 20-year career. He left government service after serving in a position to develop cyber threat intelligence against industrial controls and later on the Joint Chiefs of Staff as a cyber incident handler. Chris has a Bachelor of Science Degree in Cybersecurity from University of Maryland University College and is currently pursuing a Master in Business Administration, also at the University of Maryland University College.
