Following a ransomware attack that took down the county’s computer-aided dispatch (CAD) system, the Bucks County Commissioners voted on Wednesday to approve contracts with cyber forensic and legal firms.
The commissioners voted to approve a contract for cybersecurity, forensic, remediation, and eDiscovery services from CRA International Inc. for an amount not to exceed $375,000; the law department was approved for a maximum hourly rate of $1,000 with expenses for outside counsel for cybersecurity, privacy, and breach matters; and $197,925 with CDW Government for cyber security software.
The commissioners – two Democrats and one Republican – also voted to approve a Declaration of Disaster Emergency related to the ransomware attack that began on January 21. Typically, a Declaration of Disaster Emergency clears red tape for governments dealing with an unexpected incident.
“The county did not engage in negotiations with those claiming responsibility for the attack, nor did it pay any ransom to restore functionality to its systems. Rather, the county’s IT and Emergency Communications departments’ meticulous cyber maintenance and backup practices were key to the system’s quick restoration,” county officials said in a statement.
Partial use of the CAD system resumed on January 30, but full restoration has not yet been achieved. The county’s 9-1-1 phone system and radio dispatch have remained operational.
Forensic investigations have so far found no evidence that data was compromised during the attack.
The incident is under investigation by county, state, and federal authorities.
Commissioners Chairperson Diane Ellis-Marseglia, a Democrat, commended the county emergency services staff for their work through the crisis.
“The CAD took the county two years to build, and when a cyber attack took it offline our team put the system back together in just nine days,” said Ellis-Marseglia. “We’ve still got more rebuilding to do, but we’re immensely proud of the work our staff has done so far, and we’re incredibly thankful for the assistance of our partner agencies and cybersecurity vendors.”
“I am just so proud of the county and the people worked on this,” GOP Commissioner Gene DiGirolamo said.
Commissioners Vice Chairperson Bob Harvie, a Democrat, thanked the county, state, and federal authorities who have helped with the response to the cyberattack. He noted that a few years ago the county started working with the Pennsylvania National Guard, who responded last month, to test the county’s systems.
Bucks County COO Margie McKevitt and Solicitor Amy Fitzpatrick noted that the 9-1-1 staff, district attorney’s office, and other county employees were dedicated during the attack and got the system back up.
County officials have said international ransomware Akira group was behind the attack.
Leave a Comment