The Anderson County Commission met Monday night and re-elected Steve Emert as Chairman and Tim Isbel as Vice Chair.
The Commission also received an update on the computer security breach discovered by county officials in late July. The breach is being investigated by law enforcement and sources tell WYSH that it may be nearing its conclusion. The scope and nature of the breach has not been divulged and while it is unclear what type of information may have been compromised, officials have urged all county employees to closely monitor all of their accounts for any suspicious or unauthorized activity.
The Commission approved spending around $105,000 for identity theft protection services for all county employees.
During the update, Finance Director Natalie Erb detailed the findings of an IT consultant working with the county to address the breach and increase digital security protocols. The report states that “the IT systems and operations that were in place were not secure. The information and data were left open and vulnerable to numerous risks. The controls and safeguards were inadequate and ineffective, and there was potential for fraud to occur.”
The report found that administrative and user passwords were weak and followed a known sequence. Those passwords have now been reset and are confidential to individual users.
The analysis found that the firewall was not logging accurately and in fact were being overwritten every 24 hours, which erased the log-in trail. That deficiency has now been addressed and the logs are being properly maintained.
None of the jacks or wires in the computer server area were labeled and several blind feeds into the Courthouse were discovered. The IT consultant performed a network audit of the Courthouse, which turned up a device commonly referred to as a “man-in-the-middle” as well as several unknown switches in the maintenance rooms. In layman’s terms, the man-in-the-middle device intercepts emails and sends them not only to their intended destination but also makes a copy and sends that to an unknown, third-party location.
Officials also found that the Courthouse badging system, which records access to county offices, was open internally and externally through an open port. A separate badging system was also found to be in place, unbeknownst to county officials, activity on which was not recorded on a known server. The second badging system was removed and placed into the custody of the Human Resources Department. The legitimate badging system’ password has been changed and the open port removed.
Going forward, officials are recommending the adoption of a strategic IT design to make the system faster and more secure. County leaders are also working toward hiring a dedicated IT specialist maintain the system.