The Guilford County Board of Commissioners recently held a closed session at the end of their regular meeting, and, when the commissioners came out, they took an unexpected and somewhat mysterious action.

The board, with no public discussion, voted to spend an additional $418,000 over the next three years on upgrading the security of the county’s computer systems.

After the meeting, when Chairman of the Board of Commissioners Skip Alston was asked if the money was being spent in response to a successful cyberattack on the county’s computer network, Alston said that was not the reason.  Regardless, Guilford County already spends a great deal on computer system security – and something prompted the board to hold a rare security-based closed session and spend the large amount of additional money with no public explanation.

Security matters are one of the few legitimate legal reasons a government body in North Carolina can go behind closed doors and hold a discussion.

Two years ago, at the annual retreat of the Guilford County Board of Commissioners, former Guilford County Manager Marty Lawing told the board that it was astonishing how hard hackers came after the county.

“You probably wouldn’t believe some of the things we could show you as far as people trying to get into our system,” Lawing said at that time without indicating if the hacks were coming from foreign governments. Lawing added: “It’s a constant 24/7 situation.” and “We are under attack constantly.”

Many local governments and large companies across the United States in recent years have been successfully hit with ransomware attacks. In some cases, the victims end up paying hundreds of thousands of dollars or even millions to get their data back.

At the Thursday, Feb. 17 meeting of the Board of Commissioners, the motion to spend the money was made by Commissioner Carly Cooke, and seconded by Commissioner Carlvena Foster.  It authorizes staff to enter into and execute a contract with a computer security firm “to upgrade information security projects and services in the amount of $139,361.57 annually, totaling $418,085 over a three (3) year term beginning March 11, 2022 for the purpose of improving information security protections.”