Officials are reporting that IT systems are fully operational following the February ransomware attack and that proactive partnerships are in the works.
(TNS) — DAVIDSON COUNTY, N.C. — Davidson County officials now report that county systems have been completely restored following a cyber extortion attack that shut the county down on Feb. 16.
Davidson County agencies, including the sheriff’s office, DSS and the health department navigated a couple of days with no website, telephone or email following the shutdown. At the tax assessor’s office, employees were forced to resort to pen and paper.
County Manager Zeb Hanner said most systems were restored within a week, although he was not allowed to discuss the situation due to an ongoing criminal investigation. With diligent work by the county’s IT team, all but five of the county’s 90 servers were back in service by Feb. 19.
“Other than no personal information was taken from our system I am not allowed to discuss much,” he said. “We have made some adjustments within our system. We are planning to purchase some equipment in the new budget to be more proactive in our search for events like this.”
Recent ransomware attacks like the one suffered by Davidson County in February and the one in Mecklenburg County in December 2017 highlight the need for a more coordinated response to such threats.
To combat the growing threat of cyberattacks, the N.C. Department of Public Safety in cooperation with the N.C. Department of Information Technology will operate a new cyber unit entity. Housed in the SBI’s N.C. Information Sharing and Analysis Center (ISAAC), it will focus on promoting cyber awareness and information sharing and to provide actionable cyberintelligence to private and public sector partners and citizens.
The new cyber unit will be led by Thomas McGrath, who will work as part of the DPS Information Security Office. McGrath and his team will work with federal, state and local partners, including the North Carolina National Guard, Department of Homeland Security, FBI, U.S. Secret Service, Multi-State Information Sharing and Analysis Center (MS-ISAC) and others to thwart cyber attacks. McGrath is a veteran of the FBI, who served as a Special Agent with the FBI National Computer Crime Squad at the FBI Washington Field Office before transferring to the Raleigh Resident Agency of the FBI’s Charlotte Division in 2000. Since then, he has worked on the Cyber Crime Squad and most recently was the FBI’s representative at the N.C. ISAAC Fusion Center. McGrath assumed his duties at DPS on March 19.
“This new unit is critical due to the growing number of threats launched against our cyber infrastructure in recent years,” said Public Safety Secretary Erik A. Hooks. “We at DPS and the SBI are excited to be working with N.C. DIT and our other partners on this significant improvement in our cyber threat-management capability. Tom McGrath’s experience with counterterrorism and cybercrime investigations at the FBI goes back more than 20 years. That, plus his recent experience with the FBI at the N.C. Fusion Center, make him a perfect leader for this new team.”
“The state continues to face a growing threat from cyberattacks,” said N.C. Department of Information Technology Secretary Eric Boyette. “This effort will help us to better guard against cyber threats and to increase information sharing of threat vectors and cyber actor actions across multiple state entities and boundaries. It will also increase the speed of information sharing and help place needed focus on local government and citizen outreach. With the increased coordination and sharing of information will come an increase in the speed with which we can detect, identify and recover from cyber incidents.”
McGrath will be responsible for ensuring that relevant, actionable information and intelligence related to global, domestic and jurisdictional cyber threats is provided to public safety officials in a timely manner.
“This includes furthering the Fusion Center’s cyber goals and supervising analysts, managing outreach to partners and directing the collection and analysis of cyberthreat intelligence,” said Chief State Risk Officer Maria Thompson.
The N.C. ISAAC Fusion Center works with local, state and federal law enforcement agencies in the fight against terrorism and criminal activity by sharing information.
©2018 The High Point Enterprise (High Point, N.C.) Distributed by Tribune Content Agency, LLC.