Alabama Department of Homeland Security Director Spencer Collier on Tuesday discussed the recent cyber intrusion at the Alabama Information Services Division (ISD) and outlined action items he said the state is currently following as part of a "coordinated response".
The breach was confirmed by WSFA 12 News Friday afternoon, but authorities were not willing to confirm any additional details except that a criminal investigation was under way.
"While we are respectful of providing critical information to the public in a timely manner, this is an on going criminal investigation, and releasing sensitive information could jeopardize the process and outcome of the investigation," Director Collier said.
ISD is a part of the Alabama Department of Finance and is responsible for information technology services for the state of Alabama. The state's information technology (IT) network is deemed critical infrastructure and falls under the jurisdiction of the Alabama Department of Homeland Security (ALDHS).
After becoming suspicious of unusual activities, ISD employees self-detected that the firewall protecting the state's IT system had been breached. ISD employees subsequently notified ALDHS, according to Collier.
Collier said the Alabama Department of Homeland Security contacted state and federal authorities to open a criminal case. Simultaneously, Director of ISD Jack Doane activated a computer emergency response team to confirm that an intrusion had taken place and formulate a plan to respond.
As the Director of Homeland Security and newly appointed Senior Law Enforcement Advisor, Director Collier initiated a confidential inquiry into the matter to determine if criminal action had taken place, to assess the initial damage, and to determine the steps necessary to properly address the incident.
"We are currently conducting an extensive inquiry with our state and federal partners who are experts in their field regarding cyber security," Collier said. "We are doing everything in our power to protect the evidence, maintain the confidentiality required in a case of this nature, and to prevent future intrusions."
The Alabama Department of Finance has taken further action and has hired a leading information security company to assist in the investigation, help secure the system, and to institute tighter controls on access to eliminate the possibility of a future intrusion.
According to Jack Doane, "ISD and the computer emergency response team is working closely with the contractor on all remediation efforts. We have assembled the best team possible to preserve the evidence and to do the analysis regarding exactly what occurred. There is no way to estimate how long the forensics will take, but it could be weeks or months."
This is the information regarding the cyber intrusion that Director Collier would confirm for public knowledge:
The Alabama Department of Homeland Security knows that someone:
Obtained access into the state network, and
Used this access to examine multiple computers within the network
The ADHS has evidence that:
At least one server containing malware was used to gain access to the systems
In response to this attack, ISD:
Immediately activated a computer emergency response team to monitor network activity and contain the threat
Deployed additional firewalls to monitor and control access to State systems
Consulted with local and federal officials and State Homeland Security to assist in the investigation; a criminal investigation is on-going
Obtained the services of a national cyber security consulting firm to help collect and analyze attack data
Began thoroughly examining Internet-accessible applications to ensure they are not vulnerable to future attack
Collier said the process is ongoing of determining the extent of the unauthorized network access and the potential impact such loss may have on the citizens of Alabama.
INFORMATION SOURCE: Statement issued by the Alabama Department of Homeland Security
Friday, August 29 2014 4:33 PM EDT2014-08-29 20:33:42 GMT
South Carolina Highway Patrol is investigating a fatal wreck on Gun Range Road, between Wire Road and Highway 1.Troopers responded just after 1 p.m, according to the SCHP database.Additional details areMore >>
The Aiken Co. Coroner's Office confirmed Willis L. Purvis, 55, was returning home on his Suzuki motorcycle when he lost control of it, and was ejected. More >>
Friday, August 29 2014 4:06 PM EDT2014-08-29 20:06:26 GMT
The Red Cross of Augusta is offering safety tips for this Labor Day weekend. Experts say if you're packing up and heading out of town, bring even the things you think you won't need just in case. "MakeMore >>
The Red Cross of Augusta is offering safety tips for this Labor Day weekend.More >>