Shortly after 5 p.m. on July 18, the office of the commissioners was hit by a denial-of-service attack or DoS attack. No actual ransom was received. The office took the necessary steps to shut down all of its systems and slowly bring them back on board over the last week.
"We're still in recovery mode," Commissioner Ron Amstutz said Thursday. "We're slowly bringing things back online and don't have all the systems back up yet."
Most of the systems were restored within a couple of days and the IT department worked over the weekend to restore as much as it could. A professional company will conduct a forensic investigation on the system to find out where the attack came from, according to Amstutz.
The commissioners did learn a few things from the attack. They have since updated their server operating system as they "should have updated it soon," Amstutz said. The office will also change its back up system after finding some problems with infection there.
For several days, employees within the commissioners' office could not access their email or the internal calendar.
On Wednesday, the Board of Developmental Disability said it had discovered that on June 21 it had also experienced an unauthorized access of its data networks, according to a press release. It's unknown if the two attacks are related.
"The intent of the intrusion was to run a ransomware program and encrypt data for the purpose of extorting money from the board," the press release read.
The board did not believe any files were transmitted from its networks, the attackers may have had the opportunity to view files containing Protected Health Information (PHI) for some individuals receiving services. Some of the types of PHI potentially viewed may have included medical diagnosis, medications, treatment plans, Medicaid numbers, and Social Security numbers, although it specified the latter as "very rarely."
The board is sending notification letters to those potentially affected. Former clients that previously received services from the Wayne County Board of Developmental Disabilities that did not receive a letter but have concerns they may have been affected by the breach are urged to contact the board to discuss their options.
The Board of DD can be reached at 330-345-6016 or toll-free at 1-800-323-6133, Monday through Friday between the hours of 8 a.m. to 4:30 p.m.
According to the Department of Homeland Security, a denial-of-service (DoS) attack occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber threat actor. Services affected may include email, websites, online accounts (e.g., banking), or other services that rely on the affected computer or network.
A denial-of-service is accomplished by flooding the targeted host or network with traffic until the target cannot respond or simply crashes, preventing access for legitimate users.
"The targets of these types of attacks have been governmental agencies," Amstutz said.
©2019 The Daily Record, Wooster, Ohio. Distributed by Tribune Content Agency, LLC.