Kenai, Soldotna boost cybersecurity

By Victoria Petersen • October 3, 2018 8:58 pm
Tags:
A workers sits a computer at the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC) in Arlington, Va., Wednesday, Aug. 22, 2018. The center serves as the hub for the federal government’s cyber situational awareness, incident response, and management center for any malicious cyber activity. (AP Photo/Cliff Owen)
A workers sits a computer at the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC) in Arlington, Va., Wednesday, Aug. 22, 2018. The center serves as the hub for the federal government’s cyber situational awareness, incident response, and management center for any malicious cyber activity. (AP Photo/Cliff Owen)

The cities of Soldotna and Kenai have boosted security on their entity’s digital infrastructure after a detrimental attack affected the Matanuska-Susitna Borough network earlier this summer.

The Mat-Su Borough is still reeling from the damage of a malware attack discovered July 31. The borough’s entire network, 150 servers, 500 workstations, and computers had to be rebuilt and restored. Borough services are slowly coming back online, with the most essential services being restored at the end of September, and into the first week of October, according to a Sept. 30 update from the Mat-Su Borough.

To prevent such an attack on city networks, both Soldotna and Kenai are including more training for their employees.

In the wake of the Mat-Su malware attack, Kenai is now requiring their employees to take part in additional training that includes fake phishing emails and other scenarios for employees to be aware of, City Manager Paul Ostrander said.

“You’re never 100 percent secure,” Ostrander said. “You prepare as well as you can. Training our employees is part of that.”

In Soldotna, City Manager Stephanie Queen said the city does several things to protect IT infrastructure against cyber attacks, including an employee training.

“Phishing emails are particularly common, and hackers have become much more sophisticated in recent years,” Queen said. “These emails can be difficult to detect, often appearing as if they’re from a real person you know, sometimes even a co-worker from within our organization. Without thinking, a person can click on an attachment that has a virus or malware embedded, that then runs in the background of the system for weeks or months, collecting keystrokes and sensitive information such as passwords and login credentials.”

In Soldotna, the required training has been in place for over five years and occurs both during the initial hire and then annually thereafter.

“We have to stay diligent, and create a culture where our employees are skeptical of any unsolicited emails that have attachments,” Queen said.

Queen said the city has invested in off-site storage for data and files, which has been off-site for about six months.

“If our primary network is breached and the data is lost, we would hopefully be able to revert back to an earlier version and suffer only a minor loss of time and productivity,” Queen said.

Soldotna has also periodically brought in outside consultants to evaluate their system for potential weaknesses and improvements.

“Though we have a full-time IT Manager, the technology and the threats continue to evolve, and it’s helpful to have professionals with expertise in these areas to make sure we’re keeping up with the times.”

Tags: