The Yuba County Board of Supervisors recently approved agreements with three different IT companies to improve the county’s cybersecurity after a ransomware incident in February.
Kroll Defender and a Carbon Black software agent have been deployed to all PC workstations and servers within the county’s IT system, according to Joseph Oates, the county’s IT manager of operations and security officer.
Kroll and Carbon Black provide real-time reporting analysis while invoking automated mitigation tools.
“The services were extended while information technology staff continues to address a complex security mitigation effort to the county’s information systems infrastructure,” Oates said.
He said that although the ransomware attack disrupted county operations, all systems are now up and operating.
“Once the ransomware was contained and remediated, IT staff began the recovery effort,” Oates said. “The county had reliable backups of its data systems and was able to recover within a reasonable amount of time. The county did not pay out any ransom.”
The board also approved a modification to its contract with Planet Technologies, which had been working with the county to assist with implementing Microsoft collaboration tools in support of remote work during the pandemic. The modification added to the scope of the work Planet Technologies does to assist IT staff with implementation of Microsoft Defender Advanced Threat Protection. This is meant to prevent, detect, investigate and respond to advanced threats targeting the county network, according to Oates.
Supervisors approved the purchase of Darktrace artificial intelligence, which takes targeted action to contain threats within seconds. It’s designed to neutralize malicious emails and deliver pre-emptive protection against targeted email-borne attack campaigns.
“It’s important to keep in mind that any effort to address ransomware or other types of computer viruses is not considered preventive, as those who create those viruses are continually working to get past the firewalls of companies and government,” Oates said.
The modification of the agreement with Planet Technologies is a one-time cost of $50,000; the contract with Kroll is a one-time cost of $148,800; and the Darktrace is an annual cost of $116,000 for the next four years, according to Oates.
© 2021 the Appeal-Democrat (Marysville). Distributed by Tribune Content Agency, LLC.
