Earlier this month, Shelby County's IT network was subject to an effort to access information by an overseas third party.
The incident occurred on March 2. In a statement provided by Shelby County Commissioner Jason Abel, the access was detected and stopped by the Shelby County’s network administrator, who after restoring normal operations, began a review of the event and its potential impacts immediately.
Abel emphasized that all indications are that information was not accessed. He noted that had evidence suggested information had been accessed, the county would have immediately reached out to affected individuals as required by Indiana code and best practices.
Of particular concern to Shelby County are the records of various departments that rely on the Shelby County IT network.
In the written statement describing the attempted access, according to the county’s network administrator, the data set that was attempted to be controlled is several terabytes in size, and that to acquire the data, the data set had to be downloaded.
Several factors indicate that information was not accessed. Such as, the limited time of access, the transfer speed of the network, the size of the data set in question, and the network traffic at the time of the incident. Those factors show the unlikelihood that data in question was transferred to an unauthorized third party.
Work has been done to repair concerns related to the network. Since the event, Shelby County’s IT administrator has restored operations to a normal state, using the data backups that are regularly made to protect the county from potential ransomware attacks. The IT administrator also made changes to the network itself, including removing the vulnerability and installing software to better track attempts of unauthorized access to the network.
Commissioner Abel says no ransom demands were expressed regarding the information.
Out of an abundance of caution, and to better ensure state and federal officials were aware of any potential large-scale vulnerabilities, the county IT administrator and the Shelby County Sheriff’s Department both contacted state and federal offices tasked with monitoring cybersecurity matters.
Get the most recent Shelby County Post headlines delivered to your email. Go to shelbycountypost.com and click on the free daily email signup link at the top of the page.