county website

EL CENTRO — The Imperial County website was impacted by a ransomware attack in April, causing the website and its services to be unavailable. Restoration began immediately, allowing staff to access county information and continue their work. While the issue was being resolved, the Information and Technical Services (ITS) department continued working to identify what caused the issue and how to be better prepared in the future.

ITS Manager Henry Felix updated county supervisors Tuesday, August 13, regarding the incident, efforts to fully restore the systems, and the department’s preventative measures.

According to Felix, the incident was unavoidable as the hacking was custom-made.

“There was no antivirus in the world that had ever detected that before. This is what they do. Nothing that we had stopped it at that point,” said Felix.

Felix explained how the hacking came about and how the system responded.

Imperial County identified multiple phishing emails and privileges for the unauthorized hacker were elevated to administrator. Malicious emails were sent to internal and external email addresses and had various subject lines related to purchases and invoices. The emails contained a malicious document that contained Trojan installers, according to Felix.

Felix stated that while most systems have been restored, there is still a lot of work to be done.

“To get to the ideal state of protection, we still have about six months to go. There’s still lots to do,” said Felix.

The ITS department and Felix are working with other county departments to train in preventative measures. ITS has sent out fake emails as a test, hoping to teach employees to be aware of the emails that are coming in.

“This is more of a behavioral problem, not a technology problem. We have to be skeptical of what’s coming through our emails and we have to be continually vigilant in preventing this from happening again,” said Felix.

 

(0) comments

Welcome to the discussion.

Keep it Clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.
PLEASE TURN OFF YOUR CAPS LOCK.
Don't Threaten. Threats of harming another person will not be tolerated.
Be Truthful. Don't knowingly lie about anyone or anything.
Be Nice. No racism, sexism or any sort of -ism that is degrading to another person.
Be Proactive. Use the 'Report' link on each comment to let us know of abusive posts.
Share with Us. We'd love to hear eyewitness accounts, the history behind an article.