The city of Port Lavaca was hit with an aggressive computer virus last week, and the battle continues one week later.
Shortly after 5 pm, Monday, Feb. 3, the city was hacked and taken over by the virus, and according to James Dale, the City’s IT Contractor, “The agents generally strike after hours expecting no one to be working on the system. We were in the process of improving security for the city’s infrastructure and were able to stop the attack mid-course.”
Mayor Jack Whitlow declared the city in a state of emergency Feb. 4 and extended the declaration one week on Feb. 10.
According to a press release, the individuals that attacked the city were able to do significant damage to disable the city’s computer system.
“The attack brought down our billing system. Our online and auto payment systems are out of service, and we have gone back to our older collection process. We will need to rebuild portions of our database in order to get the system back to full operational status,” City Manager Bill DiLibero said.
As of Feb. 10, the city has transferred its email system to Google Services, which has a higher protection level for viruses, according to DiLibero.
The city has made progress in rebuilding itself back to normal operating status, but there is not a timetable on when that will be.
DiLibero announced, during the city council meeting Feb. 10, the city has a network in operation and a computer in each department on the network, along with the main printer and copier, which has a new hard drive in it.
In addition, DiLibero stated the city ordered a new server to be able to take secure files, check them for data, and put them on the new server.
“If they are clean and data is available, we will be able to get that online once the network is back in operation,” DiLibero said.
In case there is a future attack, the city is working on pricing to establish a cloud-based backup system.
“We reviewed the budget to see what funds were available in contingency, so that we will be able to support some of the expenses that we have,” DiLibero said.
Midway through the meeting, the council retired into closed session to discuss retaining a legal team to help with legal issues, data, and analysis around the attack.
The city approved to retain a law firm and authorized an amount up to $10,000 from the emergency contingency funds to be allocated to the services required that the city’s insurance does not cover.
Secondly, the Council authorized $45,000 from the contingency funds to be allocated towards the purchases of services and hardware related to the IT network and infrastructure.
Whitlow stated there are other ongoing investigations that are considered confidential until the forensics and state investigations are done.
The city has worked with State and Federal agencies to address this attack. DiLibero stated the city is working with companies associated with our Municipal League Insurer to assist in the recovery of encrypted data and cleaning individual workstations.
The city is not alone in facing these attacks. Both Jackson County and the city of Ingleside have recently faced similar attacks. During the time of the Port Lavaca attack, the Department of Information Services was working with a number of cities in North Texas who had also just been attacked, according to DiLibero.
The Wave will follow the story and provide updates throughout the week.