A Tuolumne County computer network that typically offers public access has been temporarily taken off the public internet in the wake of an attempted cybersecurity breach back on March 18, Roger Root, the county’s information technology director, said Wednesday.
There was an effort from outside the county network to send a command to the county’s centralized server, though the county’s information technology system was not hacked, Root said in an email.
As computers and computerized devices have become more and more universal as tools of communication and storage in recent decades, county officials say hackers, phish attacks, and other cybersecurity concerns have become just as common.
Like other government agencies and public entities, the county has become a target for online disrupters, and it budgets millions of dollars annually for information technology and its protection.
“We closely monitor all the activity on the county network using multiple tools,” Root said Wednesday about the recent incident. “On March 18, one of our security tools alerted us of an attempted remote command sent to the server. Our security tools blocked the command in real time. We detected no unauthorized access, and the command was unsuccessful.”
Information technology staff then took the county server offline — off of the public internet — as a precaution, Root said. They then contacted a vendor and a third party to evaluate the server and an unspecified application.
“As a result of the evaluation, we identified some configuration settings that raised some other technical concerns,” Root said. “The original configuration was not optimal for multiple reasons and with the changes we have seen in the technology environment in the last few years.”
County information technology staff continued working Wednesday to bring the server back online and to provide access to essential end users, Root said. He said his department anticipates having the county system back online — with limited access — within the next week.
The county Recorder’s Office, which handles property records and normally offers computer access to those records to the public, had to shut off that access at some point last week.
As of Monday morning, computer access for the public had been restored, Connie Celaya, the office’s recording manager, said in a phone interview.
“Everything is working in our office,” Celaya said Monday. “We had to shut off our internet access until IT could investigate. We started experiencing problems last week.”
Celaya said her staff thought the problem may have had to do with an effort to implement a data backup. She emphasized Root and other IT staff understood more about the situation. Whatever the problem was last week, everything was working normally Monday.
“I am up and running and the public can come in,” Celaya said. “We have five public kiosks and people can come in and do whatever they need to do.”
County IT staff help other county departments with computer networks, phone systems, hardware, software, the county’s web pages, and other communications and information systems.
A summary of the county’s current adopted budget for fiscal year 2021-2022 indicates 17 full-time staff — including analysts, technicians, and a security administrator — as well as three Columbia College interns, work for the county information technology department.
The budget summary notes that last fiscal year was the first time in more than seven years the department was fully staffed.
County information technology budgeted expenditures have fluctuated from $3.9 million in 2018-2019; $3.8 million in 2019-2020; $3.9 million in 2020-2021; to $4.7 million for 2021-2022.
A June 7 memo from county administrative staff to the elected Board of Supervisors regarding the 2021-22 recommended budget stated in part, the most significant cost in the IT budget — with the exception of salaries and benefits — is related to software and security.
The 2021-2022 budget includes an increase in costs associated with cybersecurity.
“Two years ago, the county had zero budget dedicated to security,” the memo states. “We have added new endpoint protection and an immune system autonomous cyberdefense platform.”
The county, like many other government agencies, advocates for and uses artificial intelligence cybersecurity systems to try to protect workers, data and other assets from online attacks.
The 2021-2022 budget summary also states that “in the face of the ever-increasing threat landscape, the county’s IT staff, utilizing the available tools, has successfully protected the county’s network against thousands of threats.”