Urgent Security Alert: Flaws in Government Software Put Wisconsin Towns at Risk
A critical security advisory has been issued concerning major vulnerabilities in software widely used by local government bodies across Wisconsin. The flaws, discovered in products developed by Workhorse Software, could potentially allow malicious actors to gain unauthorized access to sensitive government systems and citizen data.
The vulnerabilities affect the company’s Content Management System (CMS) and other applications, which are used by numerous Wisconsin counties, cities, and towns to manage their official websites and digital services. According to security analysts, these flaws are severe and could be exploited remotely by attackers with relatively low skill levels.
The Nature of the Threat
At the heart of the issue are several critical software vulnerabilities, including a significant SQL injection (SQLi) flaw. In simple terms, an SQL injection attack allows an adversary to manipulate a website’s database by inserting malicious code into input fields.
If successfully exploited, these vulnerabilities could enable an attacker to:
- Bypass security and authentication measures.
- Read, modify, or delete sensitive data stored in government databases.
- Potentially take full administrative control of an affected website.
This exposes a vast amount of confidential information, creating a serious risk for both the municipalities and their residents. The exposed data could include internal administrative documents, financial records, and the personally identifiable information (PII) of citizens, such as names, addresses, and contact details.
Who is at Risk?
The alert specifically targets the digital infrastructure of numerous local government websites across Wisconsin that rely on Workhorse Software for their online presence. The widespread use of this software means the impact could be extensive, affecting a significant number of communities that depend on these websites for official communications, online bill payments, and access to public records.
The exploitation of these flaws could lead to website defacement, service disruptions, and, most alarmingly, the potential for significant data breaches and identity theft. Stolen citizen data can be sold on the dark web or used for targeted phishing campaigns and other fraudulent activities.
Actionable Steps and Security Recommendations
For government IT administrators and residents, taking proactive security measures is crucial.
For IT Administrators and Municipal Leaders:
- Immediate Patching is the Most Critical Step: Workhorse Software has reportedly released patches to fix these vulnerabilities. System administrators must prioritize applying these updates to all affected systems without delay.
- Verify Patch Installation: After applying the updates, it is essential to verify that the patches have been installed correctly and that the vulnerabilities are fully remediated.
- Audit for Compromise: Review server logs and system activity for any signs of suspicious behavior or unauthorized access that may have occurred before the patches were applied. Look for unusual database queries or unexpected administrative logins.
- Enhance Network Monitoring: Increase monitoring of network traffic to and from public-facing web servers to detect and block any future exploitation attempts.
For Wisconsin Residents:
While the primary responsibility for patching lies with the municipalities, residents should remain vigilant.
- Monitor Your Accounts: Keep a close watch on your financial statements, credit reports, and any online accounts for unusual activity.
- Be Wary of Phishing: Be cautious of unexpected emails or text messages that claim to be from your local government. Attackers may use stolen information to create highly convincing phishing scams. Never click on suspicious links or provide personal information in response to an unsolicited request.
- Use Strong, Unique Passwords: For any online portals related to your local municipality, ensure you are using a strong and unique password.
This incident serves as a stark reminder of the persistent cyber threats facing public sector organizations. Proactive security, timely patching, and constant vigilance are essential to protecting critical infrastructure and the sensitive data of citizens.
Source: https://securityaffairs.com/181363/security/us-cert-cc-warns-of-flaws-in-workhorse-software-accounting-software-used-by-hundreds-of-municipalities-in-wisconsin.html
