To end a cyber attack on the Montclair Township’s IT Department, the township’s insurer negotiated a settlement of $450,000 with the attackers.
The Garden State Joint Insurance Fund made the deal as law enforcement began investigations into possible criminal charges, Joseph Hartnett, interim township manager, said Thursday.
With the help of the insurance company, state and federal authorities, including the FBI, the attack was “resolved to the point that data critical to township business and operations has been recovered,” Hartnett said.
Some data belonging to individual users remains to be recovered, along with some data connected to outside vendors that serve the township with the storage of past records, Hartnett said.
That missing data affects the township’s ability to respond to some Open Public Records Act requests, he said.
“To guard against future incidents, the township has installed the most sophisticated dual authentication system available to its own system and it is currently up and running,” Hartnett said.
Another update — including information on the impact of the attack, how long it lasted and the status of the unrecovered data — will be shared next week, Hartnett said.
After the attack, Mayor Sean Spiller took to YouTube to inform residents of the situation.
“Our township will remain focused on protecting the system and restoring full access to our systems and services,” Spiller said in the June 6 video.
I don’t understand. The hackers got their half-a-million in ransom. How come the functionality is not fully restored? This just doesn’t make any sense. Hartnett explains above that this lack of functionality is the reason for delays in OPRA. Mr. Hartnett: please, don’t embarrass yourself and don’t insult our intelligence. How do you explain criminal delays in OPRA fulfillment during the last THREE (3) years? Please.
Given this incoherent and amateurish spin by Hartnett, I will venture a guess that his story makes more sense read the other way, namely that the cyberattack is now being used by the Town as an excuse to refuse/delay those pesky OPRAs and reappoint disappointing Clerk Nieves. “Yay! Now we have a ‘legit’ excuse.”
I’m surprised to see such behavior in a veteran manager. Perhaps he is burned out or his performance is simply declining towards the end of his career. Not unusual but always sad. He is not ending it on the highest note, for sure.
What a convenient excuse for the OPRA requests. Also why is the mayor, and not the interim to the interim town manager going on YouTube to make these announcements? Does the mayor have no idea how our town government works?
I happen to be in IT. Hartnett says that “the most sophisticated dual authentication system available” has been put in place in the wake of this ransomware attack.
Excuse me?? I work for a private corporation and we were required to put in place 2-factor authentication over 2 years ago. It was an industry standard at the time. There’s no sophistication to it, it is just current technology and common sense. Btw, we weren’t ASKED to put it in place 2 years ago – we were TOLD by our insurance company. We complied immediately.
I don’t understand why Town’s IT is waiting over two year to implement basic protection. It’s galling. It is also a testament that the Town’s IT is in ice age as far as the most basic protections against cyber attacks. Whoever is in charge of Town’s IT, should… not be.
Wait, so does it mean now they can delay OPRAs indefinitely using this sham ‘excuse’?? That’s just wrong. Jesus, maybe my parents are right about selling the house after all.
Council and it’s new Interim Manager are making lemonade out of lemons, I suppose. Let’s put the cyber-attack to a ‘good’ use, right? Jesus, can these guys be any more obvious in their relentless pursuit of secrecy? It would be funny if it weren’t tragic.
From what I understand, Clerks’s Office has been OVERstaffed because Spiller gave Clerk Nieves a second admin a while back. (No other department has two admins, and Russo rightly made this point.)
Unfortunately, that did not improve handling of OPRAs, compliance with ADA rules concerning searchability of documents, or Nieves’s availability for residents’ inquiries. Can we PLEASE bring back Linda Wanat? Or Juliet Lee? Or someone else equipped to handle the job?
5 of my OPRAs went unfulfilled.
Out of the 4 that I filed, 2 got criminally delayed (I mean, months). 2 went unanswered. I called Manager Scantlebury to see if he can help. He mumbled something about “looking into it” but sounded non-committal. I was counting on help and more decisiveness from Scantlebury and I was disappointed.
Something is fishy here. Why is this woman still holding a key position when she is clearly not equipped to handle the job? Is it because she knows where the bodies are buried? I do not care what secrets she knows about this awful, awful Council. I do not want the Town to be stuck with a subpar Municipal Clerk for decades to come. Montclair deserves better. There are QUALIFIED people out there.
I also doubt this cyberattack would have happened if all protections were in place. I hear Town’s IT Department is lacking. They don’t even offer public Wi-Fi. Most businesses, including ice cream parlors, offer public Wi-Fi but not the municipal building. What the hell!