Malware attacks computer system
WEST CHESTER >> A breach of Chester County government’s computer system via an internet bug led to intense work by county computer specialists over the Presidents Day weekend, but apparently has not led to any compromise of users’ information, a county spokesperson said Tuesday.
Chester County’s Department of Computing and Information Services (DCIS) detected and late last week responded to potential malware activity on the county’s computer network, getting assistance from third-party cybersecurity consultants, said Chester County Communications Coordinator Rebecca Brain.
“At this time, there is no evidence that county information has been accessed or compromised,” Brain said in a statement. “All essential county services continue to operate, including 911 operations and emergency communications, the prison, Pocopson Home, health department, human services office, and the courts.”
Brain said that although all government offices are open to the public, some online services may be unavailable while the network continues to be tested. The county has not determined the
source of the malware, but is working with forensic investigators with the County Commissioners Association of Pennsylvania to answer that question.
The malware breach was detected on Thursday. In the early afternoon Friday, county employees were instructed not to open any attachments in emails that were in their county accounts.
DCIS staff then shut the county’s computer network down after the county offices closed while it worked to assess the damage the malware had done, if any, where it came from, and which computers it may have affected. County employees who came to work over the holiday were largely unable to access any internet functions.
Brain said that as of Tuesday, the DCIS had not located the source of the malware — software that is specifically designed to
disrupt, damage, or gain unauthorized access to a particular computer system.
In instructions issued to county employees Tuesday morning, users were instructed to reset their personal account settings for their computers and work websites.
“As part of the system of evaluation and clearing of any suspicious activity on the county network, DCIS made the decision to undertake a mandatory change in password for all county employees,” Brain said in the message.
In addition, the county decided to restrict what county employees can use their county-owned computers for — disallowing any personal use during work time to pay bills, read non-work emails, or visit personal websites.
“The need to set and maintain extremely tight controls relating to cyber security means that county policy regarding ‘incidental and occasional brief personal use of the internet’ has been revised,” according
to the instructions. “County employees are no longer able to use the internet/access websites for personal purposes via the county network.”
Finally, the county instructed its employees that any personal web-based transactions that have taken place via the county network that require login functions should be reset. That includes personal email or social media accounts and transactions involving banking or credit card information.
Brain said the county does not believe that any user who logged onto its public WiFi network, GuestNet, was affected by the malware. Anyone who used the network via that WiFi, she indicated, would not have to take the same steps to change their personal login information.
However, she did issue this disclaimer:
The county advises that anyone who has a countyissued username and password for (the) GuestNet Wi-Fi service,” such as county employees or a
county vendor, should reset their passwords for any personal web-based transactions.”
However, because Brain said that the public internet service is separate
from the county’s general network, and thus operates independently, “there is no indication that the general GuestNet Wi-Fi service” had been affected by the recent malware incident.
For more information or for assistance, county residents may call 610-3446000 Monday through Friday, from 8:30 a.m. to 4:30 p.m. or go to the county website, www.chesco.org.