Lou Ialacci, chief information technology officer for the county, sat down for an interview with the Montgomery Advertiser and laid out much of Montgomery County's plan to increase cybersecurity. Through the implementation of improved and secured backups, informational sessions for employees and expert consultation, Ialacci said the county will be better prepared to handle the thousands of attacks that the county faces daily.
The county estimated that it may pay up to $280,000 earlier this month for fixes, but he said that costs haven't yet approached that figure. The county has spent or committed around $77,000 for hardware, software and safeguards, and will spend about $100,000 each year for a cloud storage system. Some of those costs were already budgeted for though, because the county had already put aside $68,000 for IT discretionary spending this year.
"We are pretty well squared away as far as restoring everything and getting back on track," Ialacci said. "We had the Air Force in and did a training session with them. We are talking with the FBI and the FBI has agreed to come in and do multiple training sessions to educate our users."
Users who are knowledgeable about cybersecurity risks and protocol are essential to preventing future attacks, Ialacci said, because malware and viruses are often let into computer systems when an individual clicks on a link or opens an email that they shouldn't.
The county still doesn't — and may never — know how the September's attackers got into the county's systems and delayed several vital functions in places such as the Sheriff's and Probate Offices. The county was forced to pay a 9 bitcoin ransom, an online currency not supported by any government or bank, to recover its data after it was discovered that the attackers had gotten into the county's backup system as well.
"Ironically, we had just added a new filtering system about a month prior to [the attack]. It actually detected something that we were not aware of and we immediately went after it. We don't know if that was the culprit or not."
Ialacci said he was hesitant to reveal too many details about the county's revamped efforts, fearing that future attackers may use that information to compromise systems. Yet he did lay out how the county will essentially double up its backup systems, creating an "air gap" that would make it impossible for attackers to get to the second set of records. That type of system would have prevented the attack, he said.
One forward-thinking way the county is looking to stop future attacks is by using artificial intelligence to monitor systems for irregularities, Ialacci said. With a system like that in place, he said the county can be more proactive in preventing threats.
Looking back on the ordeal, Ialacci said it was a frustrating situation for him as the head of IT. Luckily, he said the county doesn't handle much sensitive personal data and doesn't believe that there was any stolen, though he can't "100 percent guarantee that." And it was frustrating to have to pay the ransom, though he still thinks it was the best option.
"Nobody wants to pay blackmail or ransom ware people," he said. "At some point, you have to look at the pluses and the minuses and the costs and the opportunities. In this particular case, for us to have tried to hire someone to come in and rebuild everything ... would've cost exponentially more money."
©2017 the Montgomery Advertiser (Montgomery, Ala.) Distributed by Tribune Content Agency, LLC.
