The missing money, redirected to a third party from a non-general fund account, was initially discovered by town officials. State and federal authorities have been called to investigate the incident.
(TNS) — Town officials announced Thursday night that the town was victimized by a "spearphishing" attack that resulted in $522,000 being "misdirected to a third party."
The attack did not affect the town's general fund, but rather a non-general fund account, said Town Administrator Jamie Hellen.
"I have been reassured that Franklin's electronic data is secure," Hellen said in a press release. "There is currently no evidence of a breach of our systems. All personal information, accounts and town software systems have been found not to be compromised. The incident was not a ransomware attack."
Spearphishing involves sending emails, posing as trusted sender, with the goal to infect a specific target's devices with malware or to steal information and/or money. Comparatively, phishing is less targeted toward specific victims and is more random, casting a wider net than spearphishing attacks.
Hellen said Franklin police are investigating the matter with state and federal authorities. In addition, he said the town has retained, as special counsel in connection with this matter, an attorney to coordinate and work with authorities on the case.
Attorneys for the town have requested there be no further comment until the appropriate time when police have completed their investigation, Hellen said. He said the town is implementing new procedures and protocols to deter similar incidents from happening again, and urges all residents to protect themselves against increased reports of malicious cyberfraud and email phishing attempts.
Hellen declined to comment on when the attack occurred, when contacted by the Daily News on Friday, but said the town had not previously fallen victim to a cyberattack.
Franklin has an annual budget of nearly $65 million.
Between March 1 and March 23, coronavirus-related spearphishing emails skyrocketed 667%, reported Barracuda Networks Inc., a Campbell, California-based IT security company.
"In general, cyberattacks have increased since the COVID-19 crisis came into affect," said Stephanie Helm, director of the MassCyberCenter at the Massachusetts Technology Collaborative, a quasi-public agency that supports business formation and growth in the state's technology sector.
Municipalities and health care institutions in particular have been most targeted, she said, followed by schools starting around Labor Day.
"(Cybercriminals) like to take advantage of a crisis," she said.
The scams have evolved as the pandemic progressed, she said. In March and April, there were scams related to protecting yourself against the coronavirus, she said. As the federal government started handing out stimulus packages, some scams involved asking people to click on bogus links to collect checks. Now, more scams tailored toward being part of a vaccine test are being sent out, she said.
October is Cybersecurity Month and, to celebrate, the MassCyberCenter is holding several virtual events, including one on how to build a successful cyberincident response plan. About a year ago, Helm partnered with the Massachusetts Municipal Association for a survey asking the state's 351 cities and towns if they had this plan in place, something Helm said is essential to preparing a municipality for an attack.
Only 76 municipalities responded to that survey, and among those, only eight reported having plans in place.
But having plans in place is more important now than ever, she said.
"I am concerned that the planning process might be delayed, but I'm totally empathetic toward why that might be," she said of the pandemic's effects on municipal operations. But a plan is seldom done in isolation, she said, and a plan allows a municipality to act fast when a cyberattack happens.
"When an incident like that happens, you're on the clock," she said. "The faster you can get people to respond together, the less of a chance the damage will be extensive."
©2020 MetroWest Daily News, Distributed by Tribune Content Agency, LLC.
Looking for the latest gov tech news as it happens? Subscribe to GT newsletters.