ALDHS details cyber intrusion of Alabama IT system - WFXG FOX54 Augusta - Your News One Hour Earlier

ALDHS details cyber intrusion of Alabama IT system

Posted: Updated:
MONTGOMERY, AL (WSFA) -

Alabama Department of Homeland Security Director Spencer Collier on Tuesday discussed the recent cyber intrusion at the Alabama Information Services Division (ISD) and outlined action items he said the state is currently following as part of a "coordinated response". 

The breach was confirmed by WSFA 12 News Friday afternoon, but authorities were not willing to confirm any additional details except that a criminal investigation was under way. 

"While we are respectful of providing critical information to the public in a timely manner, this is an on going criminal investigation, and releasing sensitive information could jeopardize the process and outcome of the investigation," Director Collier said.

ISD is a part of the Alabama Department of Finance and is responsible for information technology services for the state of Alabama. The state's information technology (IT) network is deemed critical infrastructure and falls under the jurisdiction of the Alabama Department of Homeland Security (ALDHS). 

After becoming suspicious of unusual activities, ISD employees self-detected that the firewall protecting the state's IT system had been breached. ISD employees subsequently notified ALDHS, according to Collier.

Collier said the Alabama Department of Homeland Security contacted state and federal authorities to open a criminal case. Simultaneously, Director of ISD Jack Doane activated a computer emergency response team to confirm that an intrusion had taken place and formulate a plan to respond.   

As the Director of Homeland Security and newly appointed Senior Law Enforcement Advisor, Director Collier initiated a confidential inquiry into the matter to determine if criminal action had taken place, to assess the initial damage, and to determine the steps necessary to properly address the incident.   

"We are currently conducting an extensive inquiry with our state and federal partners who are experts in their field regarding cyber security," Collier said. "We are doing everything in our power to protect the evidence, maintain the confidentiality required in a case of this nature, and to prevent future intrusions."

The Alabama Department of Finance has taken further action and has hired a leading information security company to assist in the investigation, help secure the system, and to institute tighter controls on access to eliminate the possibility of a future intrusion.   

According to Jack Doane, "ISD and the computer emergency response team is working closely with the contractor on all remediation efforts.  We have assembled the best team possible to preserve the evidence and to do the analysis regarding exactly what occurred.  There is no way to estimate how long the forensics will take, but it could be weeks or months." 

This is the information regarding the cyber intrusion that Director Collier would confirm for public knowledge:  

The Alabama Department of Homeland Security knows that someone:

  • Obtained access into the state network, and
  • Used this access to examine multiple computers within the network

The ADHS has evidence that:

  • At least one server containing malware was used to gain access to the systems

In response to this attack, ISD:

  • Immediately activated a computer emergency response team to monitor network activity and contain the threat
  • Deployed additional firewalls to monitor and control access to State systems
  • Consulted with local and federal officials and State Homeland Security to assist in the investigation; a criminal investigation is on-going
  • Obtained the services of a national cyber security consulting firm to help collect and analyze attack data
  • Began thoroughly examining Internet-accessible applications to ensure they are not vulnerable to future attack

Collier said the process is ongoing of determining the extent of the unauthorized network access and the potential impact such loss may have on the citizens of Alabama. 

INFORMATION SOURCE: Statement issued by the Alabama Department of Homeland Security

Copyright 2013 WSFA 12 News.  All rights reserved

Powered by WorldNow