(844) 627-8267
(844) 627-8267

MGSU cybersecurity expert explains cyberattack response process | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Alan Stines at Middle Georgia State University says a possible breach will have teams searching through all the servers for the problem.

MACON, Ga. — Macon-Bibb County says 90% of their systems are back online after a possible data breach.

They haven’t said much about what’s going on, or what they’ve done to combat the problem, but Alan Stines, a Middle Georgia State cybersecurity expert, says they’re handling it well. Stines says most local governments have plans in place for situations like these, and their systems are quick to let them know when something is wrong.

“The first thing that you want to do is first, confirm that,” Stines said.

There’s a number of ways to confirm a data breach. The most common way is something you might have heard from your IT department: Turn it off and back on again.

“That might mean turning some systems off, or disabling some systems until you can try to isolate the problem,” Stines explained.

That’s what the county did, ruling out different departments until they got most systems back up. They did it to prevent damage and Stines says that’s the right call.

“A lot of modern malware these days can actually move from computer to computer or from network to network. So, the more that you can turn off the faster, the less impact, hopefully that you can have across your organization,” Stines said.

He says from that point, they’d search through all the networks and servers to find the problem. There’s no timeline for that.

“‘Nothing looks bad over here. Let’s stand those up and make sure they’re OK,'” he said, explaining the process. “Then you monitor and you keep monitoring. If you’re not triggering those alerts that I mentioned before, then you’re probably OK.”

After that, you need to move on carefully.

“You don’t want to bring back online the compromised systems that were there in the first place. Because then you have the potential of things running amok again,” he said.

Stines says in most situations, all an IT department needs is time. The county’s used that time to restore most of their online services. That includes their See Click Fix problem reporting site and some bill payment services.

As of last Friday, the tax commissioner’s office could not accept property tax payments.


Click Here For The Original Source.

National Cyber Security