3rd Party Risk Management , Fraud Management & Cybercrime , Governance & Risk Management
Cyberattack on Records Vendor Affects Scores of US Counties
Government Offices Revert to Pen and Paper; Up to 400 Counties Affected by AttackHundreds of U.S. counties continue to work with pen and paper after a cyberattack on their digital records management vendor last week disrupted methods to view, add and edit government records.
See Also: The Expert Guide to Mitigating Ransomware & Extortion Attacks
The third-party vendor, Cott Systems, a cloud-based solutions provider, informed its customers that an "organized cyberattack" had hit the company systems and resulted in "unusual activity" on its servers on Dec. 26. The company responded by unplugging its servers to isolate the intrusion, Cott said in a notification shared with New York's Rockland County.
Cott Systems helps manage government data including public records, land records and court cases. The company serves over 400 local governments across 21 states and has long-standing associations with several national and international bodies, according to its website.
The server suspension forced hundreds of local governments to resort to manual processes, slowing down the processing of birth certificates, marriage licenses and real estate transactions.
The company notified the FBI and the Department of Homeland Security of the incident but says there is no "absolute" timeline for service resumption of its entire product line, which includes five systems used by local clerks and recorders to manage public and land records, property deeds and court cases.
The company did not reveal details of the threat actor responsible for the attack but said "both the FBI and DHS have indicated that they are aware of and have been investigating this particular group of criminals who operate worldwide." Cott did not respond to Information Security Media Group's request for additional details on the threat group or its indicators of compromise but said more information will be shared as the investigation proceeds.
Signs of Slowdown
The ripple effect of the cyberattack is now being noticed in various counties across the country as their work pace slows down.
At least six counties in North Carolina have been locked out of their vital records systems and have fallen back to updating records manually. "Everything is at a much slower pace," Scott Rogers, assistant manager of Nash County, told WRAL-TV. He added that the county has been unable to issue new marriage licenses or perform new real estate transactions since the attack.
A worker in Livingston Parish, Louisiana, where Cott provides e-services, told WAFB9 news agency that "the workaround has been to use pens to timestamp new filings and search through piles of physical copies to find valuable records."
County clerks from Connecticut and Mississippi also have reported similar slowdowns over the past week as services remained offline.
No Data Lost
In the notification to Rockland County on Monday, Cott Systems CEO Deborah Ball confirmed that the company's databases "are in good order" and that 93% of its infrastructure had been fixed. She added that none of the company's data whad been lost or damaged.