Guilford County’s computing system has come under attack from hackers.
County Information Technology Department staff have identified the culprits – however, county officials at this time are not revealing where the attacks originate.
The Guilford County Board of Commissioners is expected to hold a closed session on the matter so that Guilford County Manager Marty Lawing can inform the board in private about the nature of the computer system attacks, which remain ongoing. Most county government matters have to, by law, be discussed in public. However, sensitive security matters are an exception to that law and can be discussed behind closed doors.
Lawing is also calling for the county to create a new anti-hacking expert employee position dedicated to overseeing the security of the county’s computer system.
Lawing spoke on the attacks very cryptically in open session at a recent Board of Commissioners retreat, but he did provide enough detail to give a picture of the alarming nature of the attacks.
“You probably wouldn’t believe some of the things we would show you as far as people trying to get into our system,” Lawing said, not indicating if the hacks were coming from foreign governments, individuals in the US – or from someone else.
But the attacks continue to come in fast and furious.
“We can tell who is trying to get into and it’s a constant 24/7 situation,” Lawing said. “We are under attack constantly.”
Lawing said that he has talked to other county managers who have been the victim of ransonware attacks – which hold a government or business computing system hostage until money is paid. Lawing said that, based on those conversations, it can be an extremely bad situation.
He said a county information security manager could spend 100 percent of their effort on that concern.
Before the recent revelations by Lawing, the Rhino Times had asked Guilford County Chief Information Officer Hemant Desai about the county’s efforts against hackers. Desai said that it is a constant challenge.
“We have several layers of protection from Edge appliances securing our Network perimeter all the way to end user computing devices,” Desai stated in an email. “However, the threat landscape is ever evolving and we do see ongoing attempts to penetrate our systems using means such as Phishing emails etc. Fortunately, our security systems are able to stop them at the ‘gates’ so to say. However, as I have always maintained, Cybersecurity, and specifically Ransomware threat protection, is everyone’s responsibility, which includes our users and trusted external partners such as vendors.”
Desai added, “We keep our users aware of the latest threats using various communication methods and will continue to do so. Additionally, we keep evolving our security posture based on new information received and will keep trying to be proactive and continue engaging our users in keeping our systems secure.”