BEAUFORT — Most computer- and internet-literate people have probably heard of scams and cyber attacks on individuals, but computer criminals also go after bigger targets, like local governments.
The matter came to the attention of Pine Knoll Shores Commissioner Ted Goetzinger recently, who brought it up at the Dec. 11 town board meeting.
“It’s a problem,” Mr. Goetzinger told the News-Times this month. “Fortunately we (Pine Knoll Shores) live at the end of the world, so we’re not very much at risk.”
While the commissioner may not think the risk of a cyber attack on Pine Knoll Shores is that big, he said he still thinks it’s an issue town officials should discuss.
“We think we’re safe, but who knows?”
On mainland Carteret County, County Information Technology Director Ray Hall said security has been and continues to be his department’s top priority, “thus we focus many resources on all aspects of it.”
In addition to being the county IT director, Mr. Hall is also president-elect of the N.C. Local Government Information Systems Association, whose purpose is to help IT professionals share experience and ideas and undertake efforts to improve government information systems.
“We’re always aware of potential attacks as this is nothing new,” Mr. Hall said. “The rise of ransomware did change the game, however, a few years ago.”
According to the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency website, ransomware is a type of malicious software that denies access to a computer system or data until a ransom is paid.
The CISA said it’s “observed an increase in ransomware attacks across the world.”
Mr. Hall said since ransomware attacks have been rising, county IT professionals have implemented “many more security controls and adapt constantly to the ever-changing landscape (of cyber crime).”
“We will continue to invest in controls to make sure the county’s data and systems are secure and protected,” he said.
The county has “fared pretty well amongst the rising amount of attacks over recent years” he noted. However, Mr. Hall said it takes constant monitoring and diligence to stay safe.
“We also implemented more end-user training a few years ago,” he said, “and perform monthly testing to evaluate our internal risk from users accidentally falling for malicious intent. Municipalities operate independently from the county, so I can’t speak to their specific security controls.”
Back in Pine Knoll Shores, Town Manager Brian Kramer said town staff is aware of the vulnerability of town computer systems to cyber attacks.
“It was a hot topic of sorts in 2019, given what occurred in Orange County this past year,” he said, referring to an incident in March 2019, when a ransomware virus caused Orange County staff to close their offices and interfered with the county sheriff’s department’s communications.
“It’s insidious and can paralyze an organization,” Mr. Kramer said.
A similar attack occurred in April 2019 in Greenville. According to Greenville Public Information Officer Brock Letchworth, in this incident staff members discovered all of their computer systems and workstations were infected with a ransomware virus called Robbin [sic] Hood.
“All the workstations were shut down,” Mr. Letchworth said. “It took everybody back to the days of paper and pen to perform their duties.”
He said the shut down meant municipal duties like issuing building permits and police citations had to be done by paper.
“We’ve never experienced anything like that,” he said. “We were fortunate we could retrieve all our data (from backups) to before the ransomware.”
While the data could be recovered, Mr. Letchworth said it took three to five days to restore the central computer functions for town staff. Full restoration of their systems took two to three weeks. He also said shortly after Greenville’s attack, Baltimore, Md., received a cyber attack of its own, involving the same Robbin Hood ransomware.
Meanwhile, Mr. Kramer said he thinks Pine Knoll Shores’ systems are protected. Since Mr. Goetzinger’s comments, the town manager has spoken with the town’s IT provider, who told him they’re protected via “secured, encrypted, cloud based, off-site backup” and “a secondary back-up with strong encryption, with the data being stored in a secured external hard drive.”
Mr. Kramer said, however, none of these measures mean the town’s computer systems aren’t subject to attack.
“Anyone who touches the internet is,” he said. “Our server could be compromised, all of our work station’s hard drives could be infected and we could come to a sudden halt. But the most critical part of our system, our data, would be protected. And though we’d incur a significant cost to replace hardware, we wouldn’t have to pay millions to retrieve our data.”
Contact Mike Shutak at 252-723-7353, email firstname.lastname@example.org; or follow on Twitter at @mikesccnt.