Init0

Tech News That Matters

Gary, Ind., Officials Tap Firm to Run Cybersecurity Defenses – GovTech

npressfetimg-5041.png

Gary, Ind., Officials Tap Firm to Run Cybersecurity Defenses – GovTech

Gary, Ind., is working to strengthen its cyber threat detection and response after suffering its first ransomware attack in April 2021.

Gary Chief Innovation Officer Lloyd Keith told Government Technology that the attack galvanized officials into taking greater action to meet cybersecurity goals, and that the city is now signing a long-term contract with IT security provider UncommonX (formerly 5thColumn).

“Budgets are the problem. This hack brought to fruition the idea that now you’ve got to spend money on cybersecurity,” Keith said. “Even though it’s been on my strategic plan for the past couple of years, the hack says, ‘here’s the money.’”


UncommonX offers 24/7 monitoring, among other services, and Keith said tapping the vendor is expected to be more cost-effective for the city than developing its own cybersecurity department would be. In-house staffing and equipment costs might strain municipal budgets and the city would have to obtain the cybersecurity know-how to identify the right tools and strategies.

INSIDE THE APRIL ATTACK

Gary’s new approach comes after city servers fell to a Conti ransomware strain in April 2021.Malicious actors conducting the April attack were able to use the remote desktop access program AnyDesk to penetrate city networks and get control of some administrative capabilities, Keith said. The incident compromised several servers and systems that underpinned essential city services, Gary Mayor Jerome Prince said in a Nov. 10 press release.

The extortionists unsuccessfully demanded an $880,000 ransom, with city officials leery of paying in part due to reluctance to trust criminals to keep their word, according to Keith.

After a network administrator discovered the attack, Keith’s team notified the FBI, the Multi-State Information Sharing and Analysis Center (MS-ISAC) and Homeland Security and began working to try to stop the malware from spreading to any networks that were still unscathed. That included shutting down any instances of the AnyDesk program they discovered.

GETTING BACK UP

The next major step would be to restore the city systems from backups — assuming these files had stayed safe from the ransomware, that is. Gary relies on backup solutions provider Unitrends and found that its on-network backups were corrupted, though its offline ones were viable.

But the city couldn’t start using those offline files to restore systems until it was certain the ransomware was purged from the networks.

UncommonX was able to map the city’s digital ecosystem and contain the malware within 72 hours, the …….

Source: https://www.govtech.com/security/gary-ind-officials-tap-firm-to-run-cybersecurity-defenses