By JAN McLAUGHLIN
BG Independent News
Bowling Green officials were assured Monday evening that the city has measures in place to protect the community from the current ransomware attack on Wood County.
“While such incidents are serious, I want to reassure you that our city’s systems remain secure and resilient,” Keith Kirby, the city’s information technology director, said to City Council.
“Over the past year, the city has made a significant financial commitment to strengthening our cybersecurity,” Kirby continued. That includes the ability to sever connections with the county and isolate the city’s system.
“We are confident that these proactive measures, combined with our ongoing dedication to improving security, position us to effectively safeguard our network and the data entrusted to us,” Kirby said.
On Dec. 9, the Wood County Information Technology Department detected ransomware on the county government’s computer network. Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.
Inquiries about the ransom amount demanded, and the extent of the damage to operations of county offices have gone unanswered, with concerns about security cited.
As soon as the cyber attack was found, Wood County staff began working to investigate and determine the effects of the incident, according to a press release sent out by the Wood County Commissioners’ Office.
In response, the commissioners’ office contacted law enforcement as well as nationally recognized third-party cybersecurity and data forensics consultants with whom the county is now working. The county’s information technology department and this cybersecurity team are working together to test and analyze the systems.
All questions about the ransomware attack and response are now being fielded by Wood County Prosecuting Attorney Paul Dobson, who said he is not at liberty to report much publicly.
“I recognize the interest in answers to these types of questions. However, the investigation of this incident is still underway, so we cannot speculate on impacts or actions,” Dobson responded last week. “We are focused on working with nationally recognized third-party cybersecurity and data forensics consultants and law enforcement in order to understand the scope of the incident and resolve the situation.”
On Wednesday, Dobson repeated his inability to give any specifics about the ransomware.
“The Wood County offices are continuing to operate and provide services to the public. Offices and departments have developed workarounds for systems that have been affected,” he said. “Our focus remains on working with our forensic investigators and cybersecurity experts to ensure a full and efficient resumption of services. Considering the criminal investigation into the situation, I am unable to provide additional details.”
Fire and emergency resources, including 9-1-1 service, continue to operate. Phones in county offices are still functioning. Employees in some offices are performing their jobs the old-fashioned “legacy” way – with pen and paper.
Wood County Emergency Management Agency Director Jeff Klein, who was fielding questions on the first day of the ransomware attack, said the issue was discovered the morning of Dec. 9 when several computers in Wood County governmental offices were not functioning as usual.
Firewalls were tripped, so the extent of the infiltration was halted. The county has safeguards in place to keep private information from being accessed, Klein said.
Some emergency response agencies in the county, those tied to the Wood County Sheriff’s Office computer aided dispatch system, are also being affected. Dispatchers are using paper rather than computers to perform portions of their jobs. But services to the public are not being disrupted, according to Klein.
Citizens should not see any difference in services, he said. “It’s business as usual.”
Bowling Green Police Division is one of the connected departments affected by the ransomware, with officials there unable to access some historical information on their system. It’s an “inconvenience,” but it’s not interrupting service to the public, BGPD Lt. Adam Skaff said last week.
Dispatchers are still answering the phones, and there are no delays in response times, Skaff said.
“If you call the police department, we’re still going to respond in the same timely manner,” he said.
Wood County Sheriff Mark Wasylyshyn said last week that the impacts of the ransomware are far reaching in his department. But employees are finding ways to work around the problem.
“This has not shut us down,” Wasylyshyn said. “We are functioning. Every 911 call is getting answered. Deputies are doing their jobs. We’re just doing it the old-fashioned way.”
