New York State In-depth

East Hampton spends big on cybersecurity after Suffolk malware attack

East Hampton officials plan to spend $865,000 to strengthen the city’s cybersecurity measures after the recent ransomware attack on Suffolk County exposed communities’ vulnerabilities.

Heath Liebman, the city’s network and systems administrator, recommended that the city hire a cybersecurity service that can monitor and respond to cyber threats 24/7, and implement a cloud-based backup service to protect data.

The city council approved a bond order on Dec. 20 to cover the cost of these services.

Liebman said during a virtual presentation to the board that these services would provide a “stronger disaster recovery plan” and reduce the strain on the stream IT staff and enable the department to “leverage the expertise of our vendor”.

His presentation indicated that the cybersecurity service will provide what is known as managed detection and response – in which a team of experts monitors the city’s “endpoints, networks and cloud environments” to scan for and respond to threats.

Adding a cloud-based service will also protect the city from physical disasters like a fire, Liebman said. He said while data is currently backed up to multiple on-premises locations, the cloud offers additional protection.

“It gives us the ability to recover data quickly,” said the IT expert. In an emergency, “the city would still be able to access that data and not have to wait for the site to clear,” Liebman added.

The city’s purchasing department is currently working with vendors to purchase the hardware and software required for the upgrades.

Steve Morgan, founder of Cybersecurity Ventures, a Northport-based cybersecurity research firm, told Newsday that it is inevitable that any organization, whether corporate or government agency, will be hacked.

“And municipalities are at much greater risk because they exist to serve residents digitally and otherwise,” he said in an email.

Morgan added that many municipalities are running legacy systems that are decades old. He said cloud-based backup should be a standard practice and allow a community to be “far better protected than they are alone.”

Should an organization be hit by ransomware, cloud backup serves as part of the incident response plan, he said. Recovering data and getting systems back up and running can still be “much easier said than done,” leaving communities down for extended periods after an attack.

East Hampton chief Peter Van Scoyoc said it was important the city took steps to protect its internet technology.

“We’ve seen the impact of the cyber attacks on Suffolk County and a lot of that has really spilled over into other communities,” he said.

The manager added that the board had been “examined extensively” with the city’s IT department to find ways to strengthen cyber protection.

“We felt strongly that we should immediately seek to fund this effort now, rather than waiting for our regular capital plan to be completed, as time is of the essence,” said Van Scoyoc.

Hackers demanded a $2.5 million ransom from Suffolk County, but no ransom was paid, County Executive Steve Bellone said in December.

The cyberattack on the county’s systems began as early as December 2021 at the Clerk’s Office, according to a later hired county digital forensic examiner.

County officials uncovered the attack in September and initiated an extended recovery period that is still ongoing.

Bellone said at a December news conference that Suffolk spent $3.4 million on restoration work and $2 million on the forensic examination.

East Hampton officials plan to spend $865,000 to strengthen the city’s cybersecurity measures after the recent ransomware attack on Suffolk County exposed communities’ vulnerabilities.

Heath Liebman, the city’s network and systems administrator, recommended that the city hire a cybersecurity service that can monitor and respond to cyber threats 24/7, and implement a cloud-based backup service to protect data.

The city council approved a bond order on Dec. 20 to cover the cost of these services.

Liebman said during a virtual presentation to the board that these services would provide a “stronger disaster recovery plan” and reduce the strain on the stream IT staff and enable the department to “leverage the expertise of our vendor”.

His presentation indicated that the cybersecurity service will provide what is known as managed detection and response – in which a team of experts monitors the city’s “endpoints, networks and cloud environments” to scan for and respond to threats.

Adding a cloud-based service will also protect the city from physical disasters like a fire, Liebman said. He said while data is currently backed up to multiple on-premises locations, the cloud offers additional protection.

“It gives us the ability to recover data quickly,” said the IT expert. In an emergency, “the city would still be able to access that data and not have to wait for the site to clear,” Liebman added.

The city’s purchasing department is currently working with vendors to purchase the hardware and software required for the upgrades.

Steve Morgan, founder of Cybersecurity Ventures, a Northport-based cybersecurity research firm, told Newsday that it is inevitable that any organization, whether corporate or government agency, will be hacked.

“And municipalities are at much greater risk because they exist to serve residents digitally and otherwise,” he said in an email.

Morgan added that many municipalities are running legacy systems that are decades old. He said cloud-based backup should be a standard practice and allow a community to be “far better protected than they are alone.”

Should an organization be hit by ransomware, cloud backup serves as part of the incident response plan, he said. Recovering data and getting systems back up and running can still be “much easier said than done,” leaving communities down for extended periods after an attack.

East Hampton chief Peter Van Scoyoc said it was important the city took steps to protect its internet technology.

“We’ve seen the impact of the cyber attacks on Suffolk County and a lot of that has really spilled over into other communities,” he said.

The manager added that the board had been “examined extensively” with the city’s IT department to find ways to strengthen cyber protection.

“We felt strongly that we should immediately seek to fund this effort now, rather than waiting for our regular capital plan to be completed, as time is of the essence,” said Van Scoyoc.

Hackers demanded a $2.5 million ransom from Suffolk County, but no ransom was paid, County Executive Steve Bellone said in December.

The cyberattack on the county’s systems began as early as December 2021 at the Clerk’s Office, according to a later hired county digital forensic examiner.

County officials uncovered the attack in September and initiated an extended recovery period that is still ongoing.

Bellone said at a December news conference that Suffolk spent $3.4 million on restoration work and $2 million on the forensic examination.

Joe Werkmeister covers the cities of Southampton, East Hampton and Shelter Island. He is a graduate of St. Bonaventure University and previously worked as an editor for two community newspapers in North Fork.

Comments are closed.