Defending Against Cyber Attacks
HAMMOND, LA – August 12, 2019 - Tangipahoa Parish Sheriff Daniel Edwards reports that in today’s climate, failure to defend against cyber-attacks can result in more than monetary losses and network systems damage, it puts public safety and individual welfare at risk -- not to mention the exposure of highly sensitive and critical data. We have also learned that agencies become more vulnerable when they use interconnected information and communication technologies to share information.
As the result of recent attack on the Tangipahoa Parish School Board, Sheriff Edwards reported last week that the sheriff’s office operating network had possibly been compromised by ransomware. Because of the close relationship and intercommunications with the school board, it was likely that the Tangipahoa Parish Sheriff's Office’s (TPSO) network could have also been infected or breached. When the Tangipahoa Parish School Board reported that they were infected with ransomware, the TPSO Technology Team immediately initiated the department's Disaster Recovery Protocol. This includes increased verification of backups, virus scans, port scanning and blocking, and increased web-filtering around the clock. The progressive measures taken by the Sheriff’s Office Administration over the past few years allowed for its technology team to quickly identity and isolate the possible infection. As part of a long term agency initiative to protect the TPSO from cyber threats, Sheriff Edwards has dedicated a large amount of resources into cyber insurance, new and upgraded software and equipment, as well as agency training while planning for such cyber-attacks. Furthermore, the TPSO's Technology Team has been working on a brand new server system which will give TPSO the ability to better overcome network outages and ransomware attacks such as this.
As a result of these efforts and measures taken to enhance the security of the TPSO's file backup system, no system data, crime data or file system data was lost or affected. “The department’s critical systems were shut down briefly while investigating the possible breach, however all have been back up and running. My IT Director and staff are on duty 24/7 monitoring securities and its supplemental systems, “Edwards says. “No information was affected or removed and all precautions taken to protect personal, critical, and confidential information were proven to be effective.” During this critical time, the TPSO reached out to our agency partners who all began monitoring the situation together and exchanging technical support. TPSO Network Consultant Brian Acosta, Michael and Justin Thornhill of Nortech Downtown, Louie Veillon of L & J Technology, John Dunnington, CIO for Parish Government, Frankie Milazzo with ARAM, and David Gajee came together to assist in the configuring and provided aid with increased monitoring of the entire TPSO network. This network of IT Specialist have also recently assisted other agencies who have been attacked through the recovery process and the securing their networks. "We are stronger when we work together," Edwards says.
"Agencies working together is key. No company or agency is too big or too small to be attacked," says Silewicz. "Even with all the security measures in place, it can still happen – at any time,” he continued. “It only takes one person to open the wrong email or click on the wrong link.” Silewicz's belief is that the only way to beat these kinds of attacks is through open lines of communication and robust backups systems. Letting other agencies know if, how and when an attack has occurred, what strategies are being used to counter the attack, and by sharing proactive measures and security plans will better support agencies in the prevention or recovery of such disastrous attacks.
“Investing in enterprise level antivirus and firewalls give organizations a better security posture,” states Rick Silewicz, IT Director for the TPSO. “Ransomware is a type of malware which refers to a destructive software intrusion or an outright attack on the data in your network. Such an attack can interrupt your internet access, cripple equipment, steal or encrypt critical data, or even hijack funds.” Silewicz continues. Sheriff Edwards also recommends purchasing “Cyber Insurance”. Cyber insurance is a relatively new form of insurance that will cover the costs of a cyber-attack investigation, expenses used responding to a breach, as well as business interruption and maybe even reputational losses.
“Unfortunately, as a nation we are going to be seeing more and more of this type of cyber criminal activity. There’s not much that can be done once you’re hacked,” Sheriff Edwards says. “It’s imperative for agencies to stay on top of the resources needed for implementing and maintaining anti-evasion solutions.” Cyber-attacks are a real threat to the operations and security of any agency and no one is 100 % safe from this happening.