A Tuolumne County computer network that typically provides public access was temporarily removed from the public internet following an attempted cybersecurity breach on March 18, Roger Root, chief technology officer of the county information.
There was an effort from outside the county network to send a command to the county’s centralized server, although the county’s computer system was not hacked, Root said in an email.
As computers and computing-enabled devices have become increasingly ubiquitous as communication and storage tools in recent decades, county officials say hackers, phishing attacks and other security issues cybersecurity have become just as common.
Like other government agencies and public entities, the county has become a target for online disruptors, and it budgets millions of dollars a year for information technology and its protection.
“We are closely monitoring all activity on the county network using multiple tools,” Root said Wednesday of the recent incident. “On March 18, one of our security tools alerted us to an attempted remote command sent to the server. Our security tools blocked the order in real time. We detected no unauthorized access and the command failed.
Information technology staff then took the county server offline — off the public internet — as a precaution, Root said. They then contacted a vendor and a third party to assess the server and an unspecified application.
“As a result of the assessment, we identified some configuration settings that raised other technical issues,” Root said. “The original setup was not optimal for several reasons and with the changes we have seen in the technology environment over the past few years.”
County IT staff continued to work Wednesday to bring the server back online and provide access to essential end users, Root said. He said his department plans to get the county’s system back online — with limited access — within the next week.
The county registrar’s office, which administers property records and normally provides computer access to those records to the public, had to shut down that access at some point last week.
As of Monday morning, computer access for the public had been restored, Connie Celaya, the office’s check-in manager, said in a phone interview.
“Everything works in our office,” Celaya said Monday. “We had to cut our internet access until IT could investigate. We started having problems last week.
Celaya said his staff believe the issue may be related to an effort to implement data backup. She pointed out that Root and the other IT staff had a better understanding of the situation. Whatever the problem last week, everything was working normally on Monday.
“I’m up and running and the public can come in,” Celaya said. “We have five public kiosks and people can come in and do whatever they need.”
County IT staff assist other county departments with computer networks, telephone systems, hardware, software, county web pages, and other communication and information systems.
A summary of the county’s current budget for fiscal year 2021-22 indicates that 17 full-time employees — including analysts, technicians and a security administrator — along with three Columbia College interns work for the Department of county information technology.
The budget summary notes that the last fiscal year was the first time in over seven years that the department was fully staffed.
The county’s budgeted information technology expenditures fluctuated by $3.9 million in 2018-19; $3.8 million in 2019-2020; $3.9 million in 2020-2021; at $4.7 million for 2021-2022.
A June 7 memo from county administrative staff to the elected Board of Supervisors regarding the recommended budget for 2021-22 indicated in part that the single largest cost of the IT budget — excluding salaries and benefits — is related to software and security.
The 2021-2022 budget includes an increase in the costs associated with cybersecurity.
“Two years ago, the county had no dedicated security budget,” the memo reads. “We’ve added new endpoint protection and an autonomous immune system cyber defense platform.”
The county, like many other government agencies, advocates and uses artificial intelligence cybersecurity systems to try to protect workers, data and other assets from online attacks.
The 2021-2022 Budget Summary also states that “In the face of the ever-expanding threat landscape, County IT staff, using available tools, successfully protected the County’s network against thousands of threats.”