A few years ago, while visiting old friends in a major metropolitan midwestern city where I grew up, I had the chance to meet an old friend who was working part-time as an IT consultant for a city suburb. This city had its own network and a municipal-level court system network. He told me they were hit three times in the recent past by hackers. I asked if any law enforcement agency investigated it and his answer was, “no, we back-up our data every evening and just recovered the following day.” I asked if the hackers stole any court documents, and he said no. Well, that didn’t sound very good to me, but I figured they had a recovery process down and were comfortable with the recent results.
Well, as of just a few days ago, the Ohio Lawrence County Recorder's Office has been dealing with a cyber-attack on one of its vendors. Lawrence County is the southernmost point in Ohio. On 7 January 2023, the Lawrence County Recorder posted to Facebook that the FBI and Homeland Security were investigating a cyber-attack aimed at Cott Systems, a Columbus, Ohio-based company that provides government agencies with public records management software. "As of now, there is no access to deeds, mortgages or other records filed electronically with the recorder's office," the Recorder posted. "While the investigation is being completed, they are also working with us to identify ways to securely rebuild processes and restore functionality. There are many steps involved in the recovery from this cyber-attack."[1]
Having started my career in local governments, I try to keep a keen eye on those types of attacks. It has been my experience that many small, local governments just don’t have the expertise and budget to safely protect their network. Governments have a boatload of PII that a criminal hacker can use to commit a whole host of criminal fraud.
It is the responsibility of the Recorder's Office to make a complete, accurate and permanent record of every document pertaining to the conveyance and encumbrance of land within Lawrence County. They also enforce more than 1,000 sections of the state law in the Ohio Revised Code pertaining to their duties. The Recorder described Cott Systems as an industry leader for recording, imaging, and searching land and court records, with over 400 active systems across 21 states. Cott Systems said it identified some unusual activity on its servers on 26 December 2022. "In an abundance of caution, we disconnected all of our servers to isolate that activity within our environment," the company said. "We then immediately engaged cyber specialists to investigate the event and they began a forensic analysis. It has been determined that Cott Systems is the victim of an organized cyber-attack."
The company then notified the FBI and Homeland Security, both of which "indicated that they are aware of, and have been investigating, this particular group of criminals who operate worldwide. We will be sharing information as we proceed," the company said. It didn't state the name of the criminal group or what country they operated out of. "We are working 24x7 with the forensic specialists to review all affected systems. While this is being completed, they are also working with us to identify ways to securely rebuild processes and restore functionality," Cott Systems said.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
[1] https://www.govtech.com/security/fbi-investigates-cyber-attack-against-ohio-county-vendor