09 Apr 2019
RALEIGH, N.C. (WNCN) – As hackers’ attacks impact local governments and other entities across the country, Wake County leaders took a closer look Monday at efforts to detect threats and mitigate their effects.
Bill Greeves, the county’s chief information and innovation officer, told county commissioners about training employees receive in identifying risks and how his department has prepared to respond to potential threats.
“We approach it as, it’s not a question of will we be attacked. It’s a question of when will we be attacked and how will we recover from it?” he said.
Orange County recently faced its third attack in six years. It impacted a variety of government functions, including computer systems at the sheriff’s office, register of deeds office, and the library for several days.
However, county spokesman Todd McGee told CBS 17 that the county was prepared to resolve the issues without paying a ransom to the hacker(s).
Craig Petronella, a security expert who owns Petronella Security Group, said these so-called ransomware attacks have become much common, especially since 2013.
“The hackers are really looking at the low-hanging fruit, what’s easy,” he said. “They probably are targeting local governments because of past history, the City of Atlanta and how crazy the fees were.”
The Atlanta Journal-Constitution reported that after a cyberattack on that city last year, it cost nearly $17 million to recover.
Petronella wrote a free guide for people confronted with these kinds of attacks, which he calls the “Ransomware Hostage Rescue Manual.”
Wake County leaders say since they instituted mandatory security awareness training for employees that the number of them reporting suspicious emails has increased while those susceptible to simulated phishing emails has decreased.
“One untrained employee, one wrong click, and all the systems can come down,” said Petronella.