East Hampton spending big on cybersecurity after Suffolk malware attack
East Hampton officials plan to spend $865,000 to bolster the town’s cybersecurity measures after the recent ransomware attack against Suffolk County exposed the vulnerability municipalities are facing.
Heath Liebman, the town’s network and systems administrator, recommended the town hire a cybersecurity service that could monitor and respond to cyberthreats around the clock, as well as to implement a cloud-based backup service to protect data.
The Town Board on Dec. 20 approved a bond resolution to cover costs for those services.
Liebman said during a virtual presentation before the board that those services would provide a “stronger disaster recovery plan,” reduce burden on current Information Technology staff and allow the department to “leverage the expertise of our vendor.”
His presentation indicated the cybersecurity service will provide what's known as managed detection and response — where a team of experts monitor the town’s “endpoints, networks and cloud environments” to hunt for and respond to any threats.
Adding a cloud-based service also will protect the town against any physical disasters such as a fire, Liebman said. He said while data is currently backed up in multiple locations on-site, the cloud provides extra protection.
“It gives us the ability to quickly restore data,” the IT expert said. In an emergency, the town "would be able to still access that data and not have to wait until the site is cleared," Liebman added.
The town’s purchasing department is currently working with vendors to buy the hardware and software needed for the upgrades.
Steve Morgan, founder of Cybersecurity Ventures, a Northport-based cybersecurity market research firm, told Newsday there’s an inevitability that every organization, whether a business or government entity, will be hacked.
“And there’s a lot more at risk for municipalities because they exist to serve residents digitally and otherwise,” he said in an email.
Morgan added that many municipalities run on antiquated systems that are decades old. He said cloud-based backup should be a standard practice and allows a municipality to be “far better protected than they are on their own.”
Should an organization be hit with a ransomware, the cloud backup serves as part of the incident response plan, he said. Restoring data and bringing systems back online can still be "a lot easier said than done," he said, which is why municipalities can be down for an extended period after an attack.
East Hampton Supervisor Peter Van Scoyoc said it’s critical the town takes steps to protect its internet technology.
“We have seen the impacts of the cyberattacks on Suffolk County and a lot of that has really spilled over to other municipalities,” he said.
The supervisor added that the board has taken a “hard look,” with the town's IT department, to find ways to strengthen cyber protections.
“We felt very strongly that we should immediately try to fund these efforts now rather than wait for the completion of our regular capital plan because time is of the essence,” Van Scoyoc said.
Hackers demanded from Suffolk County a $2.5 million ransom, but none was paid, County Executive Steve Bellone said in December.
The cyberattack on the county systems began in the Clerk’s Office as early as December 2021, according to a digital forensic auditor the county hired later.
County officials uncovered the attack in September, setting in motion an extended recovery period that remains ongoing.
Bellone said at a December news conference that Suffolk has spent $3.4 million on restoration efforts and $2 million on the forensic investigation.
East Hampton officials plan to spend $865,000 to bolster the town’s cybersecurity measures after the recent ransomware attack against Suffolk County exposed the vulnerability municipalities are facing.
Heath Liebman, the town’s network and systems administrator, recommended the town hire a cybersecurity service that could monitor and respond to cyberthreats around the clock, as well as to implement a cloud-based backup service to protect data.
The Town Board on Dec. 20 approved a bond resolution to cover costs for those services.
Liebman said during a virtual presentation before the board that those services would provide a “stronger disaster recovery plan,” reduce burden on current Information Technology staff and allow the department to “leverage the expertise of our vendor.”
His presentation indicated the cybersecurity service will provide what's known as managed detection and response — where a team of experts monitor the town’s “endpoints, networks and cloud environments” to hunt for and respond to any threats.
Adding a cloud-based service also will protect the town against any physical disasters such as a fire, Liebman said. He said while data is currently backed up in multiple locations on-site, the cloud provides extra protection.
“It gives us the ability to quickly restore data,” the IT expert said. In an emergency, the town "would be able to still access that data and not have to wait until the site is cleared," Liebman added.
The town’s purchasing department is currently working with vendors to buy the hardware and software needed for the upgrades.
Steve Morgan, founder of Cybersecurity Ventures, a Northport-based cybersecurity market research firm, told Newsday there’s an inevitability that every organization, whether a business or government entity, will be hacked.
“And there’s a lot more at risk for municipalities because they exist to serve residents digitally and otherwise,” he said in an email.
Morgan added that many municipalities run on antiquated systems that are decades old. He said cloud-based backup should be a standard practice and allows a municipality to be “far better protected than they are on their own.”
Should an organization be hit with a ransomware, the cloud backup serves as part of the incident response plan, he said. Restoring data and bringing systems back online can still be "a lot easier said than done," he said, which is why municipalities can be down for an extended period after an attack.
East Hampton Supervisor Peter Van Scoyoc said it’s critical the town takes steps to protect its internet technology.
“We have seen the impacts of the cyberattacks on Suffolk County and a lot of that has really spilled over to other municipalities,” he said.
The supervisor added that the board has taken a “hard look,” with the town's IT department, to find ways to strengthen cyber protections.
“We felt very strongly that we should immediately try to fund these efforts now rather than wait for the completion of our regular capital plan because time is of the essence,” Van Scoyoc said.
Hackers demanded from Suffolk County a $2.5 million ransom, but none was paid, County Executive Steve Bellone said in December.
The cyberattack on the county systems began in the Clerk’s Office as early as December 2021, according to a digital forensic auditor the county hired later.
County officials uncovered the attack in September, setting in motion an extended recovery period that remains ongoing.
Bellone said at a December news conference that Suffolk has spent $3.4 million on restoration efforts and $2 million on the forensic investigation.
Gloss