Officials in Suffolk County, New York, have disclosed that significant cybersecurity lapses brought about the major ransomware attack last September, which compromised nearly 500,000 residents' personal data, reports WNYW-TV.
Threat actors leveraged a vulnerability to infiltrate County Clerk servers eight months prior to attacking the county, according to a 40-page forensic report on the incident conducted by a third-party cybersecurity firm.
"[The report] described in great detail the eight months that the criminal actors spent in the Clerk's office installing bitcoin mining software, creating fake accounts," said Suffolk County Executive Steve Bellone, who noted that the presence of a county chief information security officer could have averted the incident.
Only 1.6% of Suffolk County's systems were affected by the attack, and the county has been able to restore over 95% of its services without paying any ransom.
"We're in a better position than we were before, and we can move forward with remote access coming soon," said Chief Deputy County Executive Lisa Black.