Luzerne County joined a growing list of governments victimized by cybercriminals when officials discovered late last month that a virus infected some computers in the county’s system. Officials shut down the courthouse computer network following the discovery May 25. Luzerne County information technology professionals and outside computer security consultants have spent the time since rebuilding the network, and hope to have it fully restored this week.
Cyberattacks in recent years also wreaked havoc on government networks in Allentown, Atlanta and Baltimore, to name a few, but University of Scranton Information Security Engineer Ikram Muhammad said it’s not just governments that should be on guard. As cyberattacks get more sophisticated in a world reliant on technology, Muhammad said everyone from individuals to counties to large corporations should take protective steps.
A forensic investigation into how the Luzerne County computers were infected begins soon, but officials suspect someone connected to the network opened an attachment to a fraudulent email that contained a virus. It’s a common type of attack that experts say underscores the importance of user education.
“I think that email is one of the most vulnerable areas for everyone ... because it’s part of our everyday life,” said Frank Swietnicki, the city of Scranton’s information technology director. “It’s been my experience that email is the No. 1 vector for things coming in. It’s going to be in some sort of an attachment.”
One of the best ways to combat such a threat, Swietnicki said, is teaching users to recognize suspicious emails and sound the alarm.
“If you don’t expect to get an invoice or you don’t expect to get an attachment of something from whoever is sending it to you, don’t open it,” he said.
Lackawanna County Chief Information Officer Jeff Mando agreed, noting in a written statement that the biggest threat to the county’s cybersecurity is employees not knowing what to look for and what preventative measures to take to protect data.
Among other tips, Mando warned users to treat email cautiously, never open an email unless 100% certain it’s legitimate, verify the sender’s email address and not just the name that appears, and inform IT professionals of anything that appears suspicious.
Lackawanna County protects its domain from unwanted intruders by using advanced networking strategies in line with state and federal guidelines, Mando said.
Scranton already had firewalls and other security safeguards in place, but Swietnicki said officials tightened security recently because of the Luzerne County attack.
“From the beginning, we’ve always been implementing security measures that we thought fit the network, fit the user base,” he said. “We are constantly reminding our users ... don’t just double click.”
Beyond providing security awareness training to all employees, regardless of job title, Muhammad said cybersecurity also demands investment in the latest technologies that can detect and preemptively block attacks.
“That’s one first level of defense,” he said. “Second is to have a strong information security program established within the institution.”
Such an investment is key, especially when confronted with threats not stemming from email attachments, said Oleksandr “Alex” Rudniy, Ph.D., an assistant professor of computer science at the University of Scranton.
“It should also be an investment in technology and software and hardware and also in those cybersecurity IT specialists,” he said. “The textbook says you shouldn’t think ‘what if this happens,’ you should think ‘when this happens.’”
©2019 The Times-Tribune (Scranton, Pa.). Distributed by Tribune Content Agency, LLC.