As The Chronicle continues to closely follow the impact of a disruption of the City of St Helens telephone, email and computer systems, we have learned the the City is now using a third party forensic IT firm that specializes in cyber security as it continues its investigation.
The following are new details in this ongoing investigation from the City of St. Helens Communications Officer Crystal Farnsworth.
The Chronicle: At any time during the offline issues, were any City of St. Helens customers' personal data compromised?
Crystal Farnsworth: At this time, we have no reason to believe that any personal data was compromised. An outside forensic IT firm is currently going through all data to ensure this is true. If anything changes in the future, the City will promptly inform our community and customers.
The Chronicle: At any time during the offline issues, was any sensitive and personal City data compromised?
Farnsworth: At this time, we have no reason to believe that any sensitive or personal city data was compromised. An outside forensic IT firm is currently going through all data to ensure this is true. If anything changes in the future, the City will promptly inform our community and customers.
The Chronicle: What would be the estimated cost for the systems offline repair?
Farnsworth: This past year, the City increased its IT security insurance in response to many communities around the world getting hit with cyber threats. The City felt at the time that it was worth the extra money to increase our coverage liability. That increase in liability coverage has helped cover all of the costs so far of investigation and resolution with the current situation.
The Chronicle: Specifically, what is the City doing now to protect the emails, phones and computer systems so this doesn't happen again?
Farnsworth: As the City has always done, we will continue our security checks, backups, and increase training for employees to help identify potential threats on the system. Certain aspects of cyber security are in many ways very new to many government agencies, particularly as different types of cyber attacks evolve from day-to-day.
This is especially true for smaller communities like St. Helens and others that have been hit recently and in the past. The City was very fortunate that it had a number of security measures already in place to block many of the potential threats we see.
As many cities do, we discuss options and ideas on a day-to-day basis internally as well as with other agencies to compare notes, ideas, and discoveries. This situation is no different. There is no full-proof 100% clear blockage to stop things like this from happening just like we have seen with many government agencies and private companies that deal with these issues.
The goal is to block as many attacks as possible and have a plan in place to mitigate as much risks as you can and be prepared. With assistance from our internal and external IT support, the City of St. Helens was fortunate to have mitigated this specific risk with, as it appears right now, no loss of customer or personal information.
The Chronicle: Has the City been able to isolate the cause of the systems disruption?
Farnsworth: Our internal and external IT support believe that we have found the cause and it was mitigated to bring our systems back online. The IT forensic group will make a final determination before official cause is released.
The Chronicle: Again, is it possible to give us some indication of what was first noticed by City employees that resulted in the systems disruption?
Farnsworth: There is still an active assessment happening of our system. Until all data has been reviewed and a final determination from the forensic IT firm has been made, we are not releasing specific details. Our computer systems are up and running again and the city is functioning normally right now.
The Chronicle: Is law enforcement currently conducting a criminal investigation into the City of St. Helens systems disruption? Which law enforcement agency is involved?
Farnsworth: Our local law enforcement is not involved in the investigation. Our insurance has provided us a third party forensic IT firm that specializes in this type of cyber security and investigation. Once that investigation is complete, the City will release a final statement.
Follow this developing story here online and in the Wednesday print editions of The Chronicle.