Online Exclusive

Hacking of Florida Sheriff's Website Cost $28K

TAVARES, Fla. -- Taxpayers are out at least $28,000 as a result of the Lake County Sheriff's Office web site being hacked last May.

But the money is well spent because it makes it harder for any future attacks and the investment will save the county money down the line, according to a consultant hired by the sheriff's office.

Sylint Security, a Sarasota-based company, was retained by the sheriff's office after its web site was hacked, causing it to be shut down for three days. The hackers were able to get hold of documents and pictures that included the name of a confidential informant, detective case summaries, and identities of children who were sexually molested. Fourteen people were arrested in Romania with ties to the hacking.

Serge Jorgensen, the chief technology officer for Sylint Security, said the sheriff's web site is not alone. He said the CIA and the Pentagon have had their websites hacked. He said many local cities and state governments have faced cyber attacks as well.

"It is unfortunate the taxpayers, agencies and governments have to pay for this, but the goal is to stay a step ahead of those guys (hackers)" Jorgensen said. "You never want to say, 'That will never happen again' because that is sending a red flag."

Sgt. James Vachon couldn't say much about the hacking incident due to FBI involvement in the case. He said the FBI has asked the department to not release any documents or make any other comments about the case because the incident is still under investigation.

"I can say that our security safeguards have been enhanced with the improvements we have made," Vachon said. "Internet security is an ongoing process, so we will continue to make enhancements as time goes by. That's as far as I can go right now. As soon as the FBI gives us the clear that their case is closed I can say more, but (I) have no idea when that will be."

Jorgensen said he couldn't go into specifics about how Sylint is helping the department, but said the company's client list includes Fortune 500 companies, governments agencies and anyone with critical or sensitive information.

Unfortunately, he said Sylint is often called upon after someone has left the barn door open and the horses have headed to the hills.

"We regret being introduced to our clients like this," Jorgensen said. "You want to catch it before happens, but credit Lake County because a lot of local and state governments have fallen behind and get attacked.

"It isn't uncommon, and most guys learn the hard way -- how they were being attacked, when they were being attacked and where they are being attacked. We want to stay one step ahead of those (hackers)."

While it's impossible to retrieve lost information, Jorgensen said shoring up a web site's defenses often will cause hackers to move on to more vulnerable targets, which, in this case, will save the sheriff's office money in the future.