Tag Archive for: Suffolk

Suffolk cyberattack: County consultant also lobbies for vendor hired to fortify system

/in


A consulting firm hired to help manage Suffolk County’s response to a ransomware attack also has served as a lobbyist for the computer security company brought in more than three years ago to analyze and fortify Suffolk’s networks, according to a Newsday analysis of records.

Computer security experts and a government watchdog group said consulting firm RedLand Strategies and founder Michael Balboni’s roles as state lobbyist for the company — and consultant to Suffolk County — could present potential conflicts of interest in the cleanup of the Sept. 8 cyberattack.

Separately, computer experts raised concerns that Palo Alto Networks, the company that provided the front-line firewall of Suffolk’s defense against cyberattacks, is acting as the primary forensic auditor to analyze what happened when the county’s system was breached.

RedLand and Palo Alto, both responsible for helping safeguard Suffolk’s computer system since 2019, recently were awarded new contracts to manage the county’s response to the attack, determine how the breach occurred and to help fix it.

WHAT TO KNOW

  • A consultant brought in to help manage Suffolk’s response to the Sept. 8 ransomware attack also has served as a lobbyist for a security system vendor that provided Suffolk’s front line of defense. 
  • Good government experts say the roles could present a conflict, but others say the current state of emergency and continuing impacts warrant the measures. 
  • An annual computer network risk-assessment report required by 2018 legislation has been finished only once, and a top recommendation to hire a cybersecurity chief wasn’t followed.
  • Experts say the county should look to independent forensic auditors to conduct a thorough investigation of the cyber breach, rather than use an arm of the firewall company. 

Suffolk has yet to publicly say how ransomware attackers infiltrated its system — potentially hundreds of times in the days and weeks leading up to the attack — but no one is blaming RedLand or Palo Alto. The attack has hobbled telephone and email systems and impacted the police department, Department of Health Services, and the Traffic and Parking Violations Agency as the…

Source…

What Suffolk County has to do to recover from crippling cyberattack

/in


The costly, painstaking process of rebuilding Suffolk County’s computer networks in the wake of a ransomware attack may be complicated by uncertainties about how the attack occurred, how much data was lost and whether hackers can re-exploit vulnerabilities, experts say.

One month after BlackCat AlphV’s intrusion on Suffolk networks was discovered and the county was forced to stop it with measures as blunt as physically pulling network cables from their sockets, only parts of the vast system of police, court, health department and real estate systems are back online, some in limited form. Email and phone systems were widely affected, and a source with knowledge of the situation said there are questions about whether years of email records can be restored. 

“You have to make a determination on how to wall off your network,” said Mike Balboni of the Manhattan consulting firm Redland Strategies, which has been a computer security contractor to the county. He declined to discuss specifics of the attack.

Suffolk’s main vendor for firewalls, PaloAlto Networks, also declined to discuss what happened. 

WHAT TO KNOW

  • The process of rebuilding Suffolk County’s computer networks in the wake of a ransomware attack may be complicated by uncertainties about how the attack occurred, how much data was lost and whether hackers can re-exploit vulnerabilities, experts say.
  • The Sept. 8 attack infiltrated departments across the county system, impacting the ability of the police to write tickets and the government to make payments to vendors and local governments.
  • Only parts of the vast system of police, court, health department and real estate systems are back online, some in limited form.

“For this story, we’re not going to be able to assist with your questions, but I appreciate you reaching out,” Kelly Kane, PaloAlto senior manager for threat communications, said in an email.

The Sept. 8 attack infiltrated departments across the sprawling county system, from the Department of Health to the county clerk, affecting the ability of the police to write tickets and the government to make payments to vendors and local governments and provide certain real estate records…

Source…

Suffolk County begins to restore title searches after ransomware attack

/in


Suffolk County said it was able to resume title searches Monday morning after a ransomware attack on the county’s computer systems last month disrupted a critical process for the local real estate industry.  

Title companies ensure that no one besides the seller has a claim to the property and that there are no liens or financial judgments that would call ownership into question. For sales in Suffolk County, these companies seek records from the county clerk’s office, which along with other county departments was compromised in the cyberattack. A title company’s inability to vouch that there are no claims against the property can prevent sales from closing.

With title companies unable to access records since the Sept. 8 cyberattack, real estate agent Jeffrey Jimenez said he has been unable to move forward toward closing on 30 sales that recently went into contract. 

“Everything’s at a screeching halt,” said Jimenez, a team leader at eXp Realty, who primarily markets homes in the Tri-Hamlet area of Shirley, Mastic and Mastic Beach.

Delayed closings can have cascading consequences for buyers and sellers, particularly now, as mortgage rates have been jumping up in recent weeks.

Homebuyers agree to lock in a mortgage rate with their lender for a set period of time, say 60 days. If they cannot close before the rate lock expires, they may need to pay hundreds or thousands of dollars to extend it. Otherwise, they would need to accept a new, probably higher, mortgage rate — but that would boost their monthly payments and they might no longer qualify to receive their home loan.

The average U.S. 30-year fixed loan rose to 6.7% for the week ending Sept. 29, which is about a full point higher than it was a month earlier, according to mortgage giant Freddie Mac.

Sellers risk losing a deal with a buyer and having to put their homes back on the market, at a time when buying power has been diminished by higher interest rates that increase buyers’ monthly payments.

The county’s real estate industry also faces a cash crunch, with agents, title companies and attorneys waiting on commissions and fees due after closing.

Christopher Como, deputy county clerk for Suffolk…

Source…

Suffolk cyber hackers accessed ‘personal information,’ county says

/in


Suffolk County officials have acknowledged for the first time that hackers who breached county computer systems had accessed “personal information,” and urged residents to monitor their accounts and credit reports closely.

In a notice posted on its temporary webpage on Wednesday, the county said, “we believe that the threat actors accessed and/or acquired certain personal information from one or more County agency servers.”

The notice said Suffolk had “promptly hired multiple cybersecurity firms to conduct an examination to protect employees and residents as well as restore online services.”

While the county disclosed no details about the personal information accessed by hackers, the notice contained the first confirmation since the “cyber intrusion” was disclosed that hackers had obtained personal information.

PROTECTING YOURSELF

Suffolk County recommends residents take the following steps to detect suspicious activity involving their accounts and credit reports:

  • Review accounts and credit reports. Search for things such as an incorrect Social Security number, accounts you did not open or charges you did not make. If you see suspicious activity, report it to law enforcement.
  • Place a fraud alert on your credit. If you suspect fraud, contact call one of the three major credit reporting agencies: Equifax, Experian or TransUnion. A fraud alert conveys to anyone requesting your credit report that you suspect you may be a fraud victim. A fraud alert should not stop you from using existing credit cards or other accounts, but may slow your ability to get new credit.
  • Place a security freeze on your credit reports. Visit the New York Department of State Division of Consumer Protection website dos.nysits.acsitefactory.com/consumer-protection to place a security freeze on credit reports. A security freeze prevents most potential creditors from viewing your credit reports and therefore further restricts the opening of unauthorized accounts.

Source: suffolkcountyny.gov

“The protection of personal information is a top priority of the county and we will notify directly any individual whose data may have been exposed and offer free identity theft protection services.” Suffolk…

Source…