County officials taking precautions against cyber breach

Kitsap County officials are taking precautionary measures to ensure what happened to a Bellevue business doesn’t happen here: A “brazen attempt” to gain access to the city's data center and communications equipment.

By Chris Chancellor • June 12, 2014 1:32 pm
Tags:

Kitsap County officials are taking precautionary measures to ensure what happened to a Bellevue business doesn’t happen here: A “brazen attempt” to gain access to the city’s data center and communications equipment.

Bud Harris, director of Kitsap County’s Department of Information, said a person recently impersonated being a CenturyLink employee to infiltrate the Bellevue business’ computer system.

While Harris acknowledged that Kitsap has not been targeted by any similar schemes recently, he felt it was important to send employees a reminder June 4 of the county’s operating procedures. Among the bullet points:

• No one other than employees should be allowed to enter non-public space to gain access to building equipment or technology communication closets (both data and telephone equipment).

• All county facilities maintenance and information services staff are required to carry county-issued picture identification; employees should not hesitate denying access to anyone that cannot provide proper identification.

• Any concerns or need to validate someone attempting to gain access should be directed to facilities maintenance.

Harris said he and his staff work with county employees on steps they can take, such as the value of creating complicated passwords, to help thwart security breaches.

“In the last few years, there’s been a lot more emphasis because of all of the cyber-security issues,” he said. “The biggest common factor to breaches is human error. A big part of [prevention] is training.”

He said those mistakes usually are not related to impostors trying to access a system, but someone sending out spam email that fools the recipient. For example, a spam email could indicate that an employee owes money to the IRS.

“The bigger issues recently are Third World countries are becoming more proficient at phishing schemes,” Harris said. “If you can get one person to suck into that, the malware is so sophisticated that it will hop from [computers] and infiltrate our network.”

For precautionary reasons, Harris did not want to detail firewall and other computer security upgrades the county has invested in.

 

Tags: