PELL CITY – Officials said hackers attempted to breach the St. Clair County computer system, but no county or personal information or data was accessed.
“I think our IT people were right on top of it,” said St. Clair County Commission Chairman Stan Batemon.
An email with an attachment with the name of a real county employee was sent to other county employees two weeks ago. Information technology (IT) employees spotted the suspicious email with the attachment.
Assistant IT Manager John Myers said the county’s IT department sent out emails warning employees not to click on the attachment.
“Soon after, we were flooded with people saying they had already clicked on it,” Myers said. “So, that raised the alarms tremendously, and we went into armory mode.”
He said this is something that we live with, in this time and age.
“We shut down a lot of activity,” Myers said. “We interrupted productivity. Unfortunately, it was something we had to do because number one, we had to triage the situation. Once we triaged it, we had to figure out the extent of the infection, and then we had to have a procedure in place with what we were going to do to address it.”
He said the IT department worked with the county’s security company, ICS.
“After a lot of due diligence on their part and ours, we found out at a high level what this thing did,” Myers said.
The authentic-looking email and attachment was an attempt to steal passwords from county employees.
Myers said passwords were reset for all employees, and security monitors were placed on any infected machines to monitor all traffic going to and out of the machines in question.
He said they blocked all access to the site that the email originated from, which he said was a legitimate site.
“As far as affecting the machine that started this, that person’s account has been totally wiped off the face of the earth,” Myers said. “We created a new account, brand new fingerprint, cleaned the machine and put it back into operation.”
He said the attack did not completely shut down county work or services.
Myers said the county computer system still functioned, but there was about a 32-36-hour window of interruptions.
He described the attempt to access the county computer system as a common “phishing scheme.”
Myers said county employees have gone through training to help them identify possible hacking attempts.
“Our education that we have mandated every year really hit on these things, but there again, in my industry the weakest link in our security is the user,” Myers said. “All we can do is prepare the end user the best we can to cope and fight.”
