CLOSE
Tags Posts tagged with "hacking"

hacking

by -
0 292
Pixabay photo

The recent ransomware attack against the Suffolk County government has raised important questions about the relationship between citizens, governments and technologies.

A confirmed ransomware event took place in early September. The hack crippled the county’s information technology infrastructure, and recovery efforts remain ongoing. 

In the wake of these events, the hack prompted critics to question the digitization of sensitive information and how governments can better secure their IT networks.

What is ransomware?

Nick Nikiforakis is an associate professor in the Department of Computer Science at Stony Brook University. His research focuses on web security and privacy. In an interview, he described how ransomware works.

“Ransomware is, effectively, malicious software that infiltrates a machine, starts encrypting all sorts of private documents, spreadsheets, anything that is of value, and then leaks out to the attacker the encryption key and potentially the data that was encrypted,” he said. 

Some forms of ransomware affect only a single machine, according to Nikiforakis. Other strains may spread into several devices, potentially infecting an entire network.

Ransomware is the confirmed vector of attack for Suffolk County. However, how hackers first entered the county’s system is unknown to the public. 

While the details of the county hack are scanty, Nikiforakis said cyberattackers commonly use emails with malicious attachments. In other instances, they can locate vulnerable software within a network, exploit that weakness and breach that system. Once hackers gain access to the system, they hold sensitive information for ransom. 

“The original idea behind ransomware is that if you don’t pay the attacker the money that they ask, then you lose access to your data,” Nikiforakis said. 

Backup software was developed, in part, to mitigate this concern. Regardless, as technologies have evolved, so has cybercrime. 

“Even if you have the ability to restore your data from backups, now you have to deal with the attacker having access to your data and threatening you with making that data public, which is what’s happening in this case,” Nikiforakis said.

Based on the information available, Nikiforakis said the attackers likely gained access to speeding tickets and various titles, among other sensitive materials. “This is definitely a cause for concern, and that is why, in certain cases, people decide to pay, to avoid this blowback that will come from the data being made publicly available.”

A question of payment

Ransomware raises an ethical dilemma for government officials, namely whether to use public funds to pay a ransom.

“People can take a philosophical approach and say, ‘We don’t negotiate with terrorists,’ and I understand that,” Nikiforakis said, “But then the rational thing for the attacker to do is to make that data available to the public. Because if he doesn’t, then the next victim will also not pay him.” 

The profitability of the ransomware operation depends upon the victim trusting that the criminals will comply with the conditions of the transaction. The ransomware business model would fail if cyberattackers generally went against their word.

For this reason, Nikiforakis said payment and compliance could sometimes be in the interests of both parties. 

“I think it’s a very rational decision to say, ‘Let’s pay and accept this as a financial loss and let’s make sure that this doesn’t happen again,’” he said.

In Suffolk County, however, putting this theoretical framework into action is more complicated. Responsibility for paying ransomware payments would be vested in the Office of the Comptroller, which oversees the county’s finances. 

During an election interview last month with county Comptroller John Kennedy Jr. (R), he hinted that compromising with cybercriminals is off the table.

“There is no predicate in the charter, in the New York State County Law, in the Suffolk County code, to take taxpayer money and give it to a criminal,” he said.

‘Technology is moving so quickly that it is incredibly challenging for government to keep up.’ 

— Sarah Anker

The effect on the county’s government operations

The ransomware attack has also aggravated concerns over securing the county’s IT apparatus. Kennedy likened the problem to a fire code, saying fire codes often include provisions for masonry walls and other buffers that reduce the spread of a fire.

“If a fire starts, it doesn’t take down the whole complex. It stops at the masonry wall,” he said. “Our system was not configured with those hard breaks, other than some separation of function out in Riverhead in the County Clerk’s Office.” 

Suffolk County Legislator Sarah Anker (D-Mount Sinai), whose office was attacked by ransomware in 2017, has advocated for serious IT reform for some time. She followed the county’s technology closely and expressed frustration over how the initial attack occurred.

“I could tell, and I could feel, that there needed to be more done,” she said. “It has hampered the government, it has affected our constituents. Maybe it could have been worse, but it should have never happened.”

Suffolk County Sheriff Errol Toulon Jr. (D) explained his office’s many challenges since the hack. Though communications systems are slowly returning online, the initial attack disrupted both external and internal communications within the Sheriff’s Office.

“From a jail and police perspective, it really hindered us in the beginning,” he said. “Emails that we received from other law enforcement agencies or any communication with our community was stopped for a significant amount of time.”

New York State’s Division of Homeland Security and Emergency assisted the Sheriff’s Office as Toulon’s staff worked without an operational communication network. Because of this coordination, Toulon maintained that the functions of the jails were more or less appropriately executed.

“We wanted to make sure that any individual that was supposed to be released from our custody was released on time,” the county sheriff said. “No one was incarcerated longer than they had to be.” 

Preparing for the future

Toulon suggested the existing IT network is too centralized and interconnected. To prevent future failure of the entire network, he proposed creating separate silos for each department.

“I feel that the District Attorney’s Office, the Sheriff’s Office, the [County] Clerk’s Office and the Comptroller’s Office should be totally separate from the County Executive’s Office,” Toulon said, “So if, god forbid, this were to happen again in the future, we wouldn’t be directly impacted like everyone else.”

Anker said she and a newly formed panel of county legislators are beginning to explore ways to harden the network and apply strategies that work elsewhere.

“As we move forward, we need to see what the other municipalities and corporations are doing,” she said. “What types of programs and software do they have that prevent these attacks?”

The rate of software development, according to Anker, is outpacing the ability of governments to respond effectively. While IT departments must remain ahead of the cybercriminals to keep their digital infrastructure safe, staying out front is easier said than done.

“Technology is moving so quickly that it is incredibly challenging for government to keep up,” she said. “I would like to see more accountability in all respects and from everyone as we move forward with new technology.”

While the recent cyberattack focuses on the government, Anker believes ordinary citizens are also at risk from hostile online actors. The county legislator contended more work should be done to alert community members of these dangers.

“Not enough is being done regarding community outreach,” she said. “There needs to be more education on preventing an attack even on your home computer.”

Nikiforakis proposed that greater attention be given to digitizing personal records. According to him, those records in the wrong hands could unleash great harm. 

“Ransomware was a big game-changer for attackers because it allows them to monetize data that would not be traditionally monetizable,” he said. “Through ransomware, suddenly everything that is of value can be monetized.”

The SBU associate professor supports software upgrades, cybersecurity protocols and other measures that protect against ransomware. But, he said, a broader conversation needs to take place about the nature of digitization and whether individuals and governments should store sensitive files online.

“More and more things that didn’t used to be online are suddenly available online,” he said. “We have to reassess the eagerness with which we put everything online and see whether the convenience that we get out of these systems being online is a good return on investment, given the risks.”

by -
0 1403
Brookhaven is looking to increase it's cyber security through a state grant, but the town is not saying how. Stock photo

The Town of Brookhaven is looking to beef up its cyber security.

At the Aug. 2 Brookhaven Town board meeting councilmembers voted unanimously to apply for a $50,000 grant under the New York State Division of Homeland Security and Emergency Services Cyber Security Grant Program. If the town attains the grant, Brookhaven will use town funds under specified cyber security initiatives and seek reimbursement through the grant.

The grant will make $500,000 available for any county, town or village in the state at a maximum of $50,000 per entity. Other municipalities in Suffolk County such as the Town of Smithtown are applying for the grant.

According to the state grant application, the money can be used for a number of items, including hiring a cyber security consultant, software packages for items such as firewalls and encryption, new equipment such as servers or hardware used against cyber threats, and for staff training involving cyber security awareness.

Jack Krieger, communications director for Brookhaven Town, said the town does not comment on current or future cyber security measures when asked what the money might be used for.

In June 2017, the Town of Brookhaven’s website, among 76 other municipalities, was successfully hacked by what was described as a “pro-ISIS group.” ISIS is referring to the Islamic State of Iraq and the Levant, the group that took over parts of Iraq and Syria in 2014 and is now being pushed back by U.S.-backed Iraqi forces and the Syrian army.

The group, Team System DZ, created a static webpage using the Town of Brookhaven servers, but it did not affect the official Brookhaven website. A link was set up through town servers to a static, look-alike webpage.

Deputy Town Supervisor Dan Panico (R-Manorville) said at the time they did not see any information extracted from the servers. The town’s website was taken down temporarily but was restored within a few days.

Much emphasis has been put on cyber security by government officials of late, as it was revealed that Russia had made efforts to hack into Democratic National Convention servers during the run-up to the 2016 presidential election, taking information which was later released via several outlets including WikiLeaks, an international whistleblower organization. U.S. intelligence officials have warned that Russia is already attempting to influence the 2018 midterm elections through multiple electronic means including phishing scams that target people’s passwords and by setting up fake accounts on social media, according to Bloomberg News recently.

Meanwhile, the Suffolk County Board of Elections is also keeping tight-lipped about cyber security measures as Long Island and the rest of the country heads toward a heated midterm election taking place Nov. 6.

“The board generally doesn’t comment on its security measures because we understand that doing so could aid nefarious individuals in their attempts to exploit our voting processes,” said Republican board of elections commissioner, Nick LaLota, when asked about the board’s preparedness to ward off security threats.

TBR News Media is your local news and entertainment website.
We provide you with the latest breaking news and information for your community.
Contact us: [email protected]

Most Viewed

©