Media Coverage
Source: Wall Street Journal, Cybersecurity Dive, Newsday
Press Contacts: Erik Cummins, Matt Hyams, Taina Rosa, Olivia Thomas
09.19.24
In September 2022, a ransomware attack in Suffolk County, New York resulted in a months-long disruption of the county’s government services, costing the community more than $25 million in remediation costs, among other expenses.
Following the attack, Corporate Investigations & White Collar Defense partner Richard Donoghue served as special counsel to the bi-partisan Suffolk County Legislature’s Special Cyber Intrusion Investigation Committee and launched an investigation into the cyber breach. Last week, the special committee released its report—authored by Donoghue and Pillsbury associate Antonia Post—detailing their findings and deeming county officials partially responsible due to their failure to address known IT system vulnerabilities, have an incident response and recovery plan, and appropriately respond to the FBI’s warnings of potential infiltration.
In an interview with the Wall Street Journal, Donoghue noted that other local governments can learn from the missteps taken by the county’s cybersecurity management.
“The most valuable lesson is that a threat to any part of the environment is a threat to the entire environment,” he said.
According to the report, many of the county’s firewalls and other cybersecurity systems were outdated, a “pass-through” was created in a perimeter firewall that allowed internet traffic to cross into the county’s environment unscreened, and county IT personnel failed to appropriately heed malware alerts.
As such, Donoghue told Newsday that the attack was “not the result of a single point of failure” but rather a “combination of fragmented and in some cases outdated systems, inadequate staffing, planning and training, and insufficient attention to the warning signs of the attack that was underway.”
Nevertheless, Donoghue said the firewalls have been updated, the “pass-through” has since been closed, and the county has taken additional steps to increase its cybersecurity, according to coverage by Cybersecurity Dive.
“Ultimately, it was a confluence of complex and fragmented systems, negligent management over time and aggressive cyber [criminal] groups,” Donoghue added. “But the flags were being thrown for years.”