Groundbreaking cybersecurity network takes root – Sentinel and Enterprise
The list of organizations that the ransomware group Play has hacked as found on the dark web. Play allegedly hacked Lowell’s municipal network on April 24, and released 5GB of data on May 11. (Courtesy Brett Callow)
Sophisticated cyberattacks targeting the state’s municipalities and health-care systems have demonstrated the need for a coordinated approach to mitigate the damage caused by these incapacitating hacks.
It was just a year ago that Lowell’s municipal computer network was compromised.
The online ransomware group Play claimed responsibility for the massive cyberattack, boasting that it had released 5 gigabytes of data from that theft and posted it to the dark web.
Five months later, Lowell still hadn’t fully recovered from this network breach, which had left city government without phone service, email, access to financial, human resources, asset management and revenue systems, as well as other ancillary services like dog, business and marriage licenses.
In the interim, city departments faced the daunting prospect of rebuilding servers and networks, installing new equipment, creating secure user access portals and training employees in cybersecurity.
Even by September, Lowell police reported that critical functions could not be conducted from patrol car computers, forcing officers to log on at neighborhood precincts or police headquarters to complete their shift work — a tedious, time-consuming process.
And more recently, a far-reaching hack of a health-care payment service continues to inflict serious financial pain on the state’s health providers.
As reported by the State House News Service, the debilitating February cyberattack on Change Healthcare has cost the Massachusetts health-care system about $24 million a day, forcing care providers to seek financial relief from health insurers.
The Massachusetts Health and Hospital Association pegged the average daily costs stemming from the attack at $24,154,000, based on a survey that reflects responses from 12 hospitals and health systems.
“Depending on how long it lasts, it’s just like a snowball effect,” Karen Granoff, MHA’s senior director of managed care, told the News Service at the time. “The longer you don’t get paid, the more you’re going to have problems.”
UnitedHealth Group said its Change Healthcare system – a provider of revenue and payment cycle management that connects payers, providers, and patients within the U.S. healthcare system – would be restored by the end of March.
However, as of mid-April, UnitedHealth Group stated it’s still working to eliminate “the impact to consumers and care providers of the unprecedented cyberattack on the U.S. health system and the Change Healthcare services, while continuing to expand financial assistance to affected providers.”
It’s become obvious that whatever safeguards – whether in the public or private sector – being employed have proved insufficient to prevent these costly attacks.
Last year municipalities, regional school districts and other local government entities were able to apply for up to $7.2 million in funds through a Municipal Local Cybersecurity Grant Program. However, individual applicant requests were limited to $100,000.
Another $1.8 million, available through the State Share Cybersecurity Grant Program, also allowed local governments to request up to $100,000 in federal funding.
In a state comprising 351 cities and towns – plus the Devens Economic Development Zone – these enticements fell far short of realizing what these communities and institutions require.
A recently created public-private partnership aims to fill that cybersecurity oversight void.
On April 10, the nonprofit CyberTrust Massachusetts announced the launch of critical new cyber assessment and monitoring services, which will give the state’s cities and towns access to new capabilities that will help reverse the trend of escalating cyberattacks, ransomware, infrastructure disruption and data breaches.
This initiative will get off the ground with a program sponsored by Plymouth County for all of its municipalities.
Formed in 2022, CyberTrust Massachusetts brings together a consortium of college and industry partners from across the state to grow and diversify the cyber workforce and to strengthen the security of under-resourced entities, beginning with cities and towns.
This diverse association prompted the formation of a statewide Security Operations Center, with an interim facility located on the campus of Bridgewater State, to be followed by a permanent site later this year, along with another at Springfield Union Station, led by Springfield Technical Community College and other area schools.
“Massachusetts has taken a unique approach to solving the related challenges of cyber workforce development and local government cybersecurity through a collaboration of business, higher education and government. For local communities, this means access to leading cyber solutions, with trusted advice and support, at an affordable price,” stated Peter Sherlock, CEO of CyberTrust Massachusetts. “CyberTrust Massachusetts, the communities we serve and colleges who are members appreciate the role of the Massachusetts State Legislature and the Healey-Driscoll Administration through its Mass Tech Collaborative for providing funding support and programmatic guidance to allow us to train a ready workforce and protect those who are underserved,” said Jay Ash, a former state secretary of Housing and Economic Development and chair of CyberTrust Massachusetts.
Last October, the Healey-Driscoll Administration demonstrated that support by announcing a $2.3 million grant through the MassTech Collaborative’s MassCyberCenter to CyberTrust Massachusetts.
It may not be an overnight answer to all the cybersecurity challenges municipalities and other entities face, but it promises to produce a foundation of comprehensive cyber expertise at an affordable price.