IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Emergency IT Package OK'd After Montgomery County, Pa., Hack

A $100,000 emergency procurement package – containing two vendor agreements – was unanimously passed this week to mitigate a “network security incident” that affected 85 county computers.

phishing attack_shutterstock_551667175
(TNS) — A "phishing attack" prompted county officials to designate $100,000 in consulting and staffing contracts for tech services, according to Montgomery County Communications Director Kelly Cofrancisco.

County commissioners unanimously authorized two agreements labeled under an "emergency procurement" package during Thursday morning's meeting.

Both contracts, issued on behalf of the Montgomery County Department of Information and Technology Solutions, referenced a "network security incident," which occurred on May 26, according to Cofrancisco.

"Eighty-five users on the county network were affected, but there was no impact to our network systems," Cofrancisco told MediaNews Group in an email Thursday afternoon.

The U.S. Department of Commerce's National Institute of Standards and Technology characterizes "phishing" as "a technique for attempting to acquire sensitive data, such as bank account numbers, through a fraudulent solicitation in email or on a web site, in which the perpetrator masquerades as a legitimate business or reputable person."

In response to the incident, commissioners approved a $48,000 contract with RSM US LLP, of Davenport, Iowa, to conduct an "emergency forensic investigation of the county network," as well as the impacted "devices," the contract states.

Another $52,000 was allocated to fund a contract with Eastern Business Software Inc., of Broomall. Citing "emergency engagement" purposes, the agreement will staff three temporary employment positions "to assist with device management for units affected by the network security incident," the contract states.

"Out of an abundance of caution, our IT department is contracting with RSM for a forensic audit of the network, and a few of the affected machines," Cofrancisco said. "The second-related contract was for staff to help bring the affected user accounts back online."

While a timeline for the contracted work is unclear, Cofrancisco said Thursday afternoon that "the majority of users are back online at this time."

©2022 The Reporter, Distributed by Tribune Content Agency, LLC.