This was the day when Baltimore city was Cyber-attacked by Ransomware...this interview of the authorities is cited from the MIT, Edx platform
[Todd Carter, Acting Chief Information Officer,
Baltimore, MD]
“The biggest posted challenge was the logistics around
re-establishing accounts, and email, and internet services to everyone, getting
access to buildings, making sure a password scheme from the past is much
different than the password scheme before, making sure we don't have any bad
actors or some reporter trying to infiltrate, because we had to verify that
each individual was who they were. So they had to bring IDs, had to be
validated by our HR. That was probably the first biggest challenge. I think the
second challenge was, there is a lot of work arounds that we had to deploy just
to try to bring back services to residents whose systems were-- or, for
instance, a server that was impacted by the ransomware. So a lot of our online
payment systems were impacted. And we just had to take those servers, just like
every other server, make sure it was clean, and then deploy it. And when we
deployed it, we didn't want to have a negative impact to residents, so we
didn't want to imply fees. So those are the kind of things that were
challenging, because we had long lines in some of our customer-facing services.
And so the pressure to get those services back as quickly as possible, as
smoothly as possible, without any impact to residents was a challenge. We were
working feverishly to do that.”
[Sheryl Goldstein, Deputy Chief of Staff of
Operations, Batlimore, MD]
“Fortunately, we've-- the city has been able to
recover almost all of the information that was impacted by the cyber attack and
was able to do that in less than six months. The city fortunately had robust
backups. And so at this point, certainly we've recovered virtually every piece
of information that was impacted. I think one thing that we learned as a lesson
of the cyber attack was the need for stronger internal and external
communications, early on, being clear about what's going on and what the
expectations are, and also how residents could access services. I think so many
people in our society have become so used to communicating electronically and
are used to being able to email, be able to go to a website and get their
information that way. And I think we had not really prepared for a situation in
which that was not going to be an available way for residents to receive
information. And it took a few days for the city to be able to get phone lists
to get out to the public who needed to reach out and get information from
different people or different agencies, as well as to really assess what the
systems that were impacted are and get information out about what the new
systems were going to be to people. So I think that's something that was a real
lesson learned. And I think we and other cities could really make progress
ahead of time and prepare for to do better in another instance.”
[Eric
Costello, Councilman, Cybersecurity and Emergency Preparedness Committee Co
Chair, Baltimore, MD]
“The President of the City Council established a
Cybersecurity and Emergency Preparedness Committee. That committee has been
convened. We've held one hearing so far, interviewed a number of different
subject matter experts to help us kind of guide the scope of what the committee
is going to be looking at. We had our first hearing. And we're going to
continue to dig into it to get a better understanding of what happened, how it
happened, how the city's response could have been more effective, and what can
be done to basically reduce the likelihood of another attack, and should
another attack occur, which is a definite possibility, that we're better
positioned to more immediately mitigate the damage of that. We're looking to
produce a written report summarizing what happened along with recommendations
for executive action, again, solely focused on how do we reduce the likelihood
and the potential impact of a future event. From what we can see under the
acting CIO's leadership, a lot of those issues are starting to be resolved. I
think there needs to be executive-level buy in from the Mayor or the County
Executive. Without that, this is all a bit for naught. It seems that our Mayor,
Jack Young, really does understand this and is willing to put significant
capital investment behind making these upgrades, again, intended to reduce the
likelihood and impact of a future attack. Cybersecurity really needs to be
drilled into everyone's heads, per se, starting with training. Right now we
don't have training for cybersecurity. And that's a major problem. It's
something that the committee has raised. And I know it's something the acting
CIO is working on. So we've got to raise awareness. We've got to get folks
educated on it, and again, reduce the likelihood, reduce the impact.”
0 Comments