Texas County Anticipates Building Cyberattack Recovery Plan

Following a ransomware attack last year that had countywide implications, Potter County officials said they are anticipating a formalized IT disaster recovery process in 2020 to address such occurrences.

by Douglas Clark, Amarillo Globe-News / January 2, 2020
Credit: Shutterstock

(TNS) — In the aftermath of a ransomware attack earlier this year that had countywide implications, Potter County, Texas, officials said they are anticipating a formalized IT disaster recovery process in 2020 to address such occurrences.

"That will be a formal document that we'll get to work through," Potter County Commissioner - Precinct Two Mercy Murguia said regarding the recovery plan initiative, as well as the development of metrics outlining user concerns, computer issues and other help desk related duties. "We have all learned an important lesson in 2019 about the appreciation of some of that detail."

Officials acknowledged there was no formal IT discovery process in place when the April virus attack occurred. In August the county hired Andrews & Associates IT Solutions to manage all of its IT services. The firm, which is slated to craft the IT recovery schematic, recently noted in person employee cybersecurity training is coming to a close.

"I have about 30 folks left to go that are either already scheduled or I'm waiting to hear back on scheduling for them to finish that up," David Blankenship, Andrews & Associates IT Solutions Chief Information Officer, said regarding the countywide effort. "Also, on the cybersecurity training, I'm working on a deal HR can use for new employees during onboarding, so that doesn't fall through the cracks. I'll also continue to roll out the online training."

The online training would be ongoing, per Andrews & Associates IT Solutions, with users working at their own pace in short modules, adding the longest module is 45 minutes. Firm officials said the online training would also be used in preparation for the IT firm's phishing test, which officials said involves sending deceptive emails to staff to determine their response to such submissions. If an employee fails the phishing test, officials said more training would be required.

Firm personnel previously noted a new firewall has been installed, the encryption process has begun on county IT devices and indicated another layer of protection would soon be introduced in the form of dual authentication, adding a second level of identity verification to an account log-in.

©2019 Amarillo Globe-News, Texas. Distributed by Tribune Content Agency, LLC.

Platforms & Programs