Computer network outage update: Monroe County government definitely to open July 8, cybersecurity experts working to determine scope of issue
After being shut down early on Monday, July 1, due to a computer network outage of unknown cause, Monroe County government announced Wednesday that county offices would remain closed until Monday, July 8.
Late Friday afternoon, Monroe County’s chief technology officer, Greg Crohn, told The B Square that the latest word from county commissioners is that county government offices will definitely be back open for business on Monday morning (July 8).
On Friday, a statement about the outage was posted on the Monroe County website, which stresses that there has been “no disruption of law enforcement or emergency care services.”
Even though government offices will be open on Monday, Crohn said he does not at this point know how much of the computer network will be functioning. Crohn put it like this: “It’s still unclear at this time as to what level I will have the servers back up.”
[Updated at 9:10 a.m. on July 8, 2024. Crohn has sent a message to county staff that reads in part: “At this time all production servers are back in operation. This includes the shared, public and departmental drives.” The sign on the county courthouse door indicating closure has been removed, and the doors are unlocked.]
Friday, July 12, is a regular biweekly payroll day. That process typically starts the Monday before Friday paychecks are issued. When The B Square spoke with county treasurer Cathy Smith on Friday afternoon, she said she could not say for certain that putting out next week’s payroll would be smooth sailing.
But starting Monday morning, Smith said she would be focused on ensuring that county employees get paid as they’re supposed to on Friday.
Crohn said that network functions that support the financial systems and the courts would be given priority.
[Updated at 8 a.m. Saturday, July 6, 2024. One indicator that systems are coming back on line is fact that on Saturday morning, for the first time since last Saturday (June 29), the daily jail book-in report was sent to the usual email distribution list.]
Crohn said he could still not comment on the cause of the outage. The third-party vendor that is helping the county government sort out the issue with the computer servers has not yet completed its analysis, Crohn said.
Crohn expected that an announcement about the cause of the outage could eventually come from county commissioners, Crohn said. He added, “Once everything’s been analyzed and completed by our third party, then we’ll be prepared to make a statement as to the cause.”
Beyond the sheer duration of the server outage, there are some other factors that point to a potential attempt by a bad actor to compromise the county government’s computer network.
In the statement posted on the county’s website on Friday, the third-party experts who have been tapped by the county are described as “cybersecurity specialists” who were brought in “to investigate the scope and scale of the issue and identify steps we can take to help prevent something similar from happening in the future.”
In its regular emailed newsletter, sent at 2:03 p.m. on Wednesday, July 3, Indiana’s DLGF (Department of Local Government Finance) included a “cyber threat advisory” that stated, “An Indiana local government office experienced a cybersecurity attack that utilized BlackSuit ransomware and may be linked to the Royal Spider cybercriminal organization, which operates from the Russian Federation.”
Responding to a question from The B Square, DLGF director of communications Jenny Banks emailed to say: “We [DLGF] were not provided with the name of the government unit that had the attack.” Banks added,“The Indiana Office of Technology tracks incidents, and provided us with the general information.”
Under state law, the Indiana Office of Technology (IOT) is the agency to which local units have to report cybersecurity incidents within 48-hours.
Responding to a B Square question about whether Monroe County government had reported a cybersecurity incident to the ITO, director of communications for the IOT, Graig Lubsen, wrote, “IOT doesn’t comment on the status of local government IT operations.”
Responding to a B Square question on Friday afternoon, Crohn indicated he would be working through the weekend to bring the county’s computer network servers back up to full strength.
