“We were able to utilize that (funding) to get back up and running, but we do need to invest in hardening our network further,” Dzik said Tuesday, adding that new routers and firewall software is needed, among other features.
It is still unknown if any resident data has been affected by the attack, Dzik said last week, and the city is now working with a data mining company to collect files from the forensic investigators involved in the response.
The additional $450,000 approved on Tuesday will be paid to Secure Cyber Defense, the cybersecurity consulting firm that has led the city’s ransomware response, a detail which had not been released by city officials until Tuesday’s meeting.
“Secure Cyber Defense has been right by our side since 3 p.m. the day of the hack. They’re the ones who got us back up and running,” Dzik said. “We didn’t publicly report that previously because there were some concerns that the hackers might go after them.”
Secure Cyber Defense will also outline a cyber security plan specific to the city’s needs on an interim basis, a task which will be transferred to the incoming IT director. The city is currently seeking applicants for that vacant position after its previous longtime technology lead Branden Payton resigned in November, just over a week before the cyberattack.
The $450,000 in funds were approved Tuesday as an addendum to annual legislation giving the city manager authority to enter into agreements with certain vendors while waiving the competitive bidding process.
The legislation lists specific vendors and services needed to perform day-to-day operations within various city departments and divisions throughout the year, and includes not-to-exceed prices, funding for which is outlined in each department’s 2024 budget.
Items listed in the legislation include financial and legal services, police/fire department uniform and equipment purchases, city vehicle maintenance, asphalt and aggregate materials for the Public Works Division, and IT department equipment and software.
There has been a continuing upward trend in the number of cyberattacks and the amount of money demanded against cities and local governments, according to industry experts, who attribute this increase to multiple factors, including that residents’ private information can be easily sold on the dark web.
Matthew Torres, a senior account executive for Acrisure Cyber Services, a managed security service provider that specializes in cybersecurity, said recently that local municipalities are also typically underfunded and without adequate IT resources to protect themselves, making the risk even higher.
According to Torres, step one in combatting cybersecurity issues is to educate and train staff members about the changing threat landscape.
“The human element will always be the weakest link in the security chain,” he said.
Other best practices include implementing multi-factor authentication, adhering to strong password requirements, and ensuring all systems, assets and applications are being updated frequently with the newest security patches.
About the Author