Servers to Go Back Online After Luzerne County Cyberattack

The Pennsylvania county is relaunching some of its computers and servers after the May 25 cyberattack. Officials believe the attack originated from an email attachment unknowingly opened by an employee.

by Jennifer Learn-Andes, The Times-Leader / June 5, 2019
Shutterstock.com/Dabarti CGI

 

(TNS) — Some Luzerne County government computer servers targeted in a cyberattack should be cleared and reactivated today, county Administrative Services Division Head David Parsnik said Tuesday.

The servers expected to go back online first contain databases and programs used by the county prison system, probation and other court branches and some general government offices, including the human resources, budget/finance, elections, assessor’s and mapping departments, Parsnik said.

Restoration should allow employees to both view and update computer data as they did before the virus was detected by the county’s network monitoring systems May 25 during the Memorial Day weekend, Parsnik said.

The administration shut down the main county government computer network — both servers and work stations — to stop its spread, preventing workers from uploading information handled by their departments, including property assessment changes, deed recordings and civil court filings.

If all goes as planned, the servers needed by the deeds, wills, prothonotary and sheriff’s offices will be on line Thursday, Parsnik said.

Servers for Children and Youth and other human service agencies should be addressed on Friday, he said.

The county hired New York City-based Arete Advisors to perform a full assessment, known as a remediation, to determine what remains infected and must be fixed, the administration said.

Parsnik has said the unknown attackers likely contaminated the system through an email attachment unknowingly opened by a worker, but he said confirmation of that will come when Arete advances to a forensic analysis investigation.

“The Arete folks are working on keeping our machines virus free, so they haven’t got into details of when it started, why it started and how it started,” Parsnik said.

Parsnik said he will be unable to disclose some of the findings due to security concerns, but he stressed law enforcement will be notified if sufficient evidence of the hacking is uncovered.

“Depending on what we find, we may take action,” he said.

Due to concerns about cyberthreats, the county last year started flagging all incoming emails from noncounty senders with a notice reminding staff not to open attachments or click links unless they are sure it is safe.

The county also added a new $26,000-a-year advanced threat protection program in last year’s Microsoft Corp. contract renewal.

Parsnik said many cyberattacks have been foiled due to these efforts.

“We always see them trying to get in. It’s the ones that get in that are the problem,” Parsnik said.

©2019 The Times Leader (Wilkes-Barre, Pa.). Distributed by Tribune Content Agency, LLC.