EL CENTRO — The Imperial County website was impacted by a ransomware attack in April, causing the website and its services to be unavailable. Restoration began immediately, allowing staff to access county information and continue their work. While the issue was being resolved, the Information and Technical Services (ITS) department continued working to identify what caused the issue and how to be better prepared in the future.
ITS Manager Henry Felix updated county supervisors Tuesday, August 13, regarding the incident, efforts to fully restore the systems, and the department’s preventative measures.
According to Felix, the incident was unavoidable as the hacking was custom-made.
“There was no antivirus in the world that had ever detected that before. This is what they do. Nothing that we had stopped it at that point,” said Felix.
Felix explained how the hacking came about and how the system responded.
Imperial County identified multiple phishing emails and privileges for the unauthorized hacker were elevated to administrator. Malicious emails were sent to internal and external email addresses and had various subject lines related to purchases and invoices. The emails contained a malicious document that contained Trojan installers, according to Felix.
Felix stated that while most systems have been restored, there is still a lot of work to be done.
“To get to the ideal state of protection, we still have about six months to go. There’s still lots to do,” said Felix.
The ITS department and Felix are working with other county departments to train in preventative measures. ITS has sent out fake emails as a test, hoping to teach employees to be aware of the emails that are coming in.
“This is more of a behavioral problem, not a technology problem. We have to be skeptical of what’s coming through our emails and we have to be continually vigilant in preventing this from happening again,” said Felix.