Major cybersecurity flaws led to Suffolk County ransomware attack: Officials

Suffolk County officials are admitting that there were a number of flaws in the county's cybersecurity guidelines leading up to the September 8 ransomware attack last year that compromised the information of nearly half a million residents.

"There were plenty of things we could’ve been doing," Suffolk County Executive Steve Bellone said at a press conference Wednesday. "If we had a Chief Information Security Officer in place with security authority then that could’ve changed the outcome."

Findings from a 40-page forensic report completed by an outside cybersecurity agency determined that criminal actors gained entry to County Clerk servers through a vulnerability in the office before launching a full-blown attack against the County.

"It described in great detail the eight months that the criminal actors spent in the Clerk’s office installing bitcoin mining software, creating fake accounts," Bellone said. 

According to the report, the cyberattack impacted just 1.6 percent of systems, however, Bellone says the County was able to maintain its backup data and didn’t pay any ransom. Now, more than 95 percent of county services are back online. 

"We’re in a better position than we were before, and we can move forward with remote access coming soon," said Lisa Black, who helped lead the County’s response.

The Suffolk County Legislature formed a six-member committee and plans to meet next week to set up dates and times for meetings where they will hear from witnesses to determine their version of who, what, where, when, why, and how this happened.