Washington County implements cybersecurity policy to combat potential ransomware attacks
WASHINGTON – The Washington County commissioners approved a new “business continuity and disaster recovery policy and plan” designed to take a proactive approach in guarding against another cyber attack like the one that crippled the county government for nearly three weeks earlier this year.
The policy, which was drafted with the help of outside cyber consultants and the county’s IT department with input from its insurance carrier, is designed to improve the network’s system, assign roles and responsibilities to workers and put a plan in place to protect and restore data.
It will also set forward a plan to continue county operations during an emergency should there be another cyber attack similar to the one that affected government operations in late January through early February this year.
“You only have to watch the news for a day or two to see that they’re happening all over the country – hospitals, counties, huge corporations,” Washington County Commission Chairman Nick Sherman said in an interview after the meeting. “Really, no one doesn’t have a target on their back for these people, so it’s making sure we’re covering our assets here in Washington County.”
The commissioners unanimously passed the measure during their Thursday meeting, the last of 2024. Sherman and Commissioner Larry Maggi attended in person while Commissioner Electra Janis voted through videoconferencing since she is away.
Sherman said the policy and plan were needed regardless of the ransomware attack that hit the county’s network on Jan. 19 and culminated with the commissioners approving a $346,687 payment in cryptocurrency to Russian-based hackers on Feb. 6 in exchange for a “digital encryption key” to unlock the system. He said that insurance carriers are requiring or strongly advising county and local governments to implement an approach to protect itself from malware and prepare a plan if a hacker slips through.
“There are fail-safes in place. We know there are bad actors out there,” Sherman said. “This is about making sure we’re buttoned up in our IT department so if someone does click on the wrong link that we’re not going to have an incident again. … It’s about doing things better and learning from the past.”
But he also acknowledged that nothing is foolproof when it comes to situations such as these. However, the county hopes to be as prepared as possible moving forward.
“It’s not a guarantee,” he said. It’s always a learning experience. It’s about making sure your computer systems have the appropriate malware (protection) on them. Nothing that we do, nothing that we purchase is going to 100% protect us from this. … This is about making sure if something does happen again, that the insurances that are in place will be there to cover the costs so we’re not putting a burden on the taxpayers.”
He praised the work of the IT department and special consultant who helped navigate the cyber incident earlier this year, and said they were able to “mitigate the damage” done to Washington County. This policy will build on what was done before, Sherman said, to better protect the county moving forward.
“This is 100% proactive. You look at these things and you learn from them,” Sherman said. “Absent the cyber attack that happened, the insurances are changing their policies regardless if you have an incident or not. … We’re not alone and it’s not because we had a cyber incident. It’s because of all the cyber incidents that happened across America, these insurance companies are buttoning up and making sure they’re in place.”