0:02
The Municipal Cybersecurity Awareness Grant Program is a free program offered by the Commonwealth, which delivers assignments, phishing campaigns, other tools for the management within the organization to help keep them successful.
0:16
And we're over time, we're continually evolving the program to meet the maturity of cybersecurity as it grows to ensure that the users are also growing with the technology.
0:28
My name is John Myers, I'm the Deputy CIO for the City of Lowell.
0:32
Mainly I'm operational and technical on the IT group.
0:36
April 2023 we had a cyber incident in the city of Lowell.
0:40
Woke to it on a Monday morning where most of the systems were compromised in one way or another by ransomware.
0:47
I reviewed all my emails in the morning as I normally do and based off of what I would call the tattles in my mailbox where I could see that something had been going on in the network.
0:57
In the early morning hours from about 1:50 AM till when I woke up, I already thought something was amiss.
1:04
By 6:30 rolling around, there was at least a couple emails coming into the help desk from various parts of the organization about issues with machines.
1:12
Once we were all on site, we were able to identify the severity of the systems being affected.
1:18
According to the notes that were left on machines, it was the Play Ransomware group.
1:22
As soon as I identified that there was something going on at 6:30 AM, I texted the CIO.
1:28
The CIO immediately texted the CFO and management.
1:31
I'm Midan Fernandez, chief information officer for the city of Lowell.
1:35
I've been here about 24 years and I'm responsible for all the technology throughout the organization.
1:40
On Monday, April 24th of 2023, I woke up to text messages from my deputy CIO telling me that it appeared that we no longer owned our data at the city.
1:53
As soon as we identified it as an issue, we notified because anything that impacts the city we feel like needs to be known by city management.
2:03
So overall, we'd say approximately 40,000 hours of MIS staff time were spent on the recovery process.
2:11
There is a laundry list of services available from the state and federal government, and I don't know if every municipality is aware of them and reaching out to the state and getting some of that information from them.
2:23
There is a service that might be useful for your organization.
2:27
It may not be, oh, I have a CIRP, but I really need vulnerability scanning or I need other health check services and the state has a lot of those services available.
2:38
I feel the state and the federal government help as coordination point to understand all of our requirements.
2:44
We don't always hear how the cyber criminals got into that organization.
2:49
Many times it comes down to one individual clicking on a malicious link, opening an attachment, or entering their credentials.
2:58
Cyber criminals have many tools now that make it easy for them to craft an e-mail that will fit absolutely perfectly into the context of your day.
3:09
So when you're busy and distracted and an e-mail comes through, you're very likely to click on it if you're not thinking about cybersecurity.