Connect with us

Hi, what are you looking for?

News

Cybersecurity attack leads to warning

Security concept: Lock on digital screen, contrast, 3d render

A cybersecurity attack threatened the State of Alabama’s computing network in December, prompting the Office of Information Technology to issue a warning for state workers to change passwords and to monitor workflow more carefully because fraudulent invoices and purchase orders were being sent to the Department of Finance and internal agencies’ accounts payable.

According to the memorandum obtained by APR, “On Tuesday, December 17, 2018, the Office of Information Technology discovered an active cyber security event in the State’s cloud environment.” To counter the security breach, OIT recommended that every state employees—some 40 thousand individuals—change their passwords “immediately,” adding “it would be prudent to change any personal passwords that have been in use for more than 6 months.”

While stating, “the bad actors have been identified by IP address and blocked where possible,” OIT cautioned that agencies should, “Limit data that appears on public-facing websites.” Have set workflows and checks in place for making payments to vendors and further alerted agencies too, “monitor accounts closely.”

OIT says it believes the fraudulent invoices and purchase orders were, “generated from information gathered from the internet and other public sources.”

No additional information was provided on how many agencies were affected by the security breach, but OIT Chief Security Officer Ryan Allen said no sensitive data was compromised.

”The State of Alabama defends against millions of attacks every week,” Allen said last month. “Earlier this week we detected multiple threats against state cloud email accounts.  We recommended all users change their passwords out of an abundance of caution.  Fraudulent invoice scams are common amongst all business and several agencies reported them this week, prompting us to include a warning along with the recommendation to change passwords.”

OIT has been plagued by internal strife, lavish spending and scant oversight since its inception under disgraced former Gov. Robert Bentley.

Advertisement. Scroll to continue reading.

Pallets of Phones Gather Dust Under Newton’s Orders

The Gov. Kay Ivey administration early on moved to rein in the department with significant management changes. However, many who work at OIT claim massive incompetence still bedevils the department.

Written By

Bill Britt is editor-in-chief at the Alabama Political Reporter and host of The Voice of Alabama Politics. You can email him at [email protected] or follow him on Twitter.

DIG DEEPER

Congress

Brooks told a Slate reporter he'd been warned things could turn violent, so he slept in his office and wore body armor.

State

Ivey commended Ward for his work as director of the Alabama Bureau of Pardons and Paroles, which he began in November.

Opinion

"Birmingham is on that path to the future. It is a path of diversity, equity, and inclusion."

National

Brooks claimed his Jan. 6 speech was simply part of his job as a congressman. The DOJ disagreed.