Officials from Jersey City and the autonomous utilities agency have said little about the Sept. 30 ransomware attack, which MUA documents said blocked access to “vital” water and sewer information.
But the MUA spent nearly half a million dollars to address the attack, and the agency’s computer systems were still not fully functional even three months after the cyberincursion, an MUA resolution passed last month shows.
At a Dec. 17 meeting, the MUA Board of Commissioners voted to approve a new $391,000 emergency contract with cybersecurity firm Digital Team Six for “technical restoration services,” according to a resolution obtained through an Open Public Records request. The new contract was “necessary to avert a public health crisis,” the resolution said.
“Despite repeated efforts … problems continued to be encountered with restoring all of the JCMUA’s Internet technology network to full operation,” the resolution states, adding that “it has become increasingly apparent that advanced technical assistance will be required.”
But the extent of the potential “public health crisis” is unclear. JCMUA Executive Director Jose Cunha could not be reached for comment and MUA Board of Commissioners Chair Maureen Hulings declined to comment. Digital Team Six staff did not immediately respond to requests for comment.
The contract comes on the heels of an $18,675 contract with a different information technology firm, as well as a $25,000 contract with Pennsylvania law firm Mullen Coughlin to investigate the incident — putting known expenditures related to the incident at $434,675. MUA officials expected at least $25,000 of that to be covered by insurance.
It’s also unclear exactly what the hacker or hackers wanted to target. However, the attack caused the agency to “lose access to vital information and documentation related to the provision of water and sewerage services to the citizens of the City of Jersey City,” an October resolution reads.
In ransomware attacks, hackers block access to computer systems’ data and demand a ransom for its release. It’s unclear whether or not the MUA paid a ransom, and whether any data is still being blocked.
The Dec. 17 resolution also revealed the occurrence of another, previously unknown cyberattack on a different city agency: the Jersey City Office of Emergency Management. That city agency “suffered a similar ransomware incident,” the resolution reads, adding that OEM officials were those who recommended hiring Digital Team Six.
A city spokeswoman did not respond to emailed questions about the incidents. But Jersey City Mayor Steve Fulop has made a point of highlighting Jersey City’s cyberdefenses.
“As a city, we not only made a significant financial commitment to build the most sophisticated cyber defenses to protect our residents, but we’re also the only municipal police department on the eastern seaboard with police officers assigned to the FBI Cyber Security Task Force,” Fulop wrote in a Sept. 17 NorthJersey.com op-ed.
A city spokeswoman subsequently noted the MUA’s computer system is separate from the city’s system.
©2021 NJ Advance Media Group, Distributed by Tribune Content Agency, LLC.