Tag Archive for: Suffolk

As Bellone seeks ‘centralized’ computer network, other Suffolk officials call for autonomy


As Suffolk moves to put a crippling ransomware attack behind it, County Executive Steve Bellone is touting a newly centralized infrastructure as the core of his efforts to secure disparate county networks.

“Never again will the county information technology security team be in a position to ask someone to fix a security concern because they don’t have the credentials to access systems themselves,” Bellone said.

But as Bellone moves to implement the long-planned vision, some other elected county officials, citing the impacts of the ransomware lockdowns and concerns about confidentiality, are pushing for even greater levels of security autonomy. The Sept. 8 cyberattack shut down a broad cross-section of county services for several months.

“We’re getting the hell out of there completely,” Suffolk Comptroller John Kennedy said of the county’s network. By the second week of March, Kennedy said, he expects to have moved his office’s audit software application onto a remotely hosted cloud-based system that will be “completely off any county hardware or servers.”

WHAT TO KNOW

  • A newly centralized infrastructure is the core of County Executive Steve Bellone’s efforts to secure disparate Suffolk networks.
  • Other elected county officials, citing concerns about confidentiality, are pushing for even greater levels of security autonomy.
  • The consultant helping Suffolk search for its first chief information security officer said the county’s “siloed” structure of networks is one of its biggest challenges.

The network’s structure presents long-recognized challenges: the county’s main Department of Information Technology is controlled by the Bellone administration, while sub-networks with varying levels of autonomy and responsibility, including separate IT staffs, fall under elected officials such as the county clerk and sheriff.

Experts said that “siloed” approach can leave the county more vulnerable to attack and make it more of a challenge to get cyber insurance. But political realities leave others concerned that ceding too much control to the county executive could expose sensitive information to political foes.

Security dome over disparate systems


Hackers encrypted Suffolk health department data, report says


Forensic investigators probing the September ransomware attack on Suffolk County found evidence that hackers encrypted data and left ransomware notes on the Department of Health computer network, although Suffolk said there is no evidence “thus far” that personal data was stolen.

In a report from Unit 42, a division of Palo Alto, the company that provided firewall and other network protection services to the county in advance of the attack, investigators also said they found evidence that the hackers “staged and exfiltrated,” or exported, data from the county clerk’s network, as well as Suffolk’s main parent network.

Security experts say health data tends to be among the most highly sought by ransomware attackers and other hackers, in part because it often is rich with personally identifiable information. By encrypting data, the hackers blocked the county from access to it.

Suffolk spokeswoman Marykate Guilfoyle said the county’s Department of Information Technology and its incident response team are “coordinating closely” with County Clerk Vincent Puleo and “will notify any individuals if it is determined that their personal identifying information may have been impacted.”

WHAT TO KNOW

  • Investigators report finding evidence that hackers encrypted data and left ransomware notes on the Department of Health computer network during the Sept. 8 cyberattack.
  • A Suffolk spokeswoman said there is no evidence “thus far” that personal data was stolen.
  • Security experts say health data tends to be highly sought after by hackers, in part because it often is rich with personally identifiable information. 

Suffolk has already acknowledged the Social Security numbers of up to 26,000 employees may have been exposed and that personal information of up to 470,000 people was “accessed or acquired” from the county’s Traffic and Parking Violations Agency server.

In the past, when the county has found that infiltrators compromised data by so-called exfiltration, or stealing and exporting copies, the government moved to alert those whose data may have been compromised. It is providing a free one-year subscription to a credit-monitoring and ID theft…


‘It was only a matter of time’ – Suffolk County clerk says she raised concerns before massive hack


A special bipartisan committee will hold hearings “probing the cause and response” of the ransomware attack that stole the personal information of as many as 470,000 Suffolk County residents.

Suffolk County Clerk Judith Pascale told News 12 that she warned Suffolk County officials in January that a cyberattack could happen. She brought her concerns to the Ways and Means Committee and asked them to install more computer security and more substantial firewall protection. She says the firewall protection in place during the attack wasn’t enough for a government entity.

“It was only a matter of time. And that’s why we should have taken the precautions,” said Pascale. “…People looked at me like I was crazy…I said ‘when this happens, it’s going to be devastating.’”

A county IT expert who asked not to be named told News 12 it took about five hours to shut down more than 600 servers during the Sept. 8 hack.

A county spokesperson told News 12 that the county took aggressive measures on Sept. 8 to contain the cyberattack and that the county hired a leading forensic team to determine what happened.

Presiding Officer Kevin McCaffrey is expected to make the announcement of the committee formation and its members during a news conference Monday morning. It will be chaired by Legislator Anthony Piccirillo and will have subpoena powers for testimony.

According to a release:

“The committee will review how tax dollars were used to protect the county’s information, the response to the attack, the steps taken to protect residents whose personal information was compromised and what is being done to prevent future attacks.”

The attack occurred on Sept. 8. The county has admitted that “the personal information of as many as 470,000 residents and 26,000 past and current employees has been stolen by the hackers.”


Suffolk County, N.Y., Hack Shows Ransomware Threat to Municipalities


Lisa Black, chief deputy county executive for Suffolk County, N.Y., received a call in early September that government leaders and company executives dread: A suspected attack of tech systems was under way.

Immediately after the midday call on Sept. 8, county workers began to isolate financial databases and disconnect the network from the internet to prevent the spread of what would later be discovered as ransomware. That evening, Ms. Black gathered department heads and commissioners to announce a new challenge.

“I need you to pivot to, basically, 1990,” she told the assembled staff. 

Offices that had become comfortable with working digitally during the Covid-19 pandemic had to revert to pen and paper. Email wouldn’t be available. Court proceedings, waste collection and other vital infrastructure services needed to be delivered to the county’s 1.5 million people—the state’s largest county by population outside of New York City’s five boroughs—but without internet access. 

The hack in Suffolk County is no isolated incident. 

More than 3,400 state, local, tribal and territorial governments in the U.S. suffered ransomware attacks between 2017 and 2021, according to data from the Multi-State Information Sharing and Analysis Center, a threat intelligence group for municipalities. This year, high-profile attacks against local authorities included a strike on the Los Angeles Unified School District shortly before the start of the academic year; an attack on Bernalillo County, N.M., in January that forced office closures; and a similar incident in Fremont County, Colo., in August.

Municipal hacks are expensive, often forcing technology upgrades that had…
