Pioneering cybersecurity network takes root – Sentinel and Enterprise

The list of organizations that the Play ransomware group has hacked can be found on the dark web. Play allegedly hacked into Lowell’s municipal network on April 24 and released 5 GB of data on May 11. (Courtesy of Brett Callow)

Sophisticated cyberattacks targeting the state’s municipalities and healthcare systems have demonstrated the need for a coordinated approach to limit the damage caused by these disabling hacks.

It’s been just a year since Lowell’s municipal computer network was compromised.

Online ransomware group Play claimed responsibility for the massive cyberattack, boasting that they had released 5 gigabytes of data from that theft and posted it on the dark web.

Five months later, Lowell had still not fully recovered from this network breach, leaving the city government without telephone service, email, access to financial, human resources, asset management and revenue systems, as well as other support services such as canine, business services. and marriage licenses.

In the meantime, city departments faced the daunting prospect of rebuilding servers and networks, installing new equipment, creating secure user access portals and training employees in cybersecurity.

Even in September, Lowell police reported that critical functions could not be performed from patrol car computers, forcing officers to log into community centers or police headquarters to complete their shifts – a tedious and time-consuming process.

And more recently, a far-reaching hack of a health care payment service continues to inflict severe financial pain on the state’s health care providers.

As reported by the State House News Service, the debilitating cyberattack on Change Healthcare in February cost the Massachusetts healthcare system approximately $24 million per day, forcing healthcare providers to seek financial assistance from health insurers.

The Massachusetts Health and Hospital Association estimated the average daily cost from the attack at $24,154,000, based on a survey reflecting responses from 12 hospitals and health care systems.

“Depending on how long it lasts, it’s like a snowball effect,” Karen Granoff, MHA’s senior director of managed care, told the News Service at the time. “The longer you don’t get paid, the more problems you get into.”

UnitedHealth Group said its Change Healthcare system — a revenue and payment cycle management provider that connects payers, providers and patients across the U.S. healthcare system — would be restored by the end of March.

However, in mid-April, UnitedHealth Group said it was still working to eliminate “the impact on consumers and healthcare providers of the unprecedented cyberattack on the U.S. healthcare system and Change Healthcare services, while continuing to expand financial assistance to affected healthcare providers.”

It has become clear that whatever precautions – whether implemented in the public or private sector – have proven insufficient to prevent these costly attacks.

Last year, municipalities, regional school districts and other local government entities could apply for up to $7.2 million in funding through a municipal local cybersecurity program. However, requests from individual applicants were limited to $100,000.

Another $1.8 million, available through the State Share Cybersecurity Grant Program, also gave local governments the opportunity to apply for up to $100,000 in federal funding.

In a state that includes 351 cities and towns – plus the Devens Economic Development Zone – these enticements fell far short of realizing what these communities and institutions need.

A recently established public-private partnership aims to fill this gap in cybersecurity oversight.

On April 10, the nonprofit CyberTrust Massachusetts announced the launch of critical new cyber assessment and monitoring services, which will give the state’s cities and towns access to new capabilities that will help stem the trend of escalating cyber attacks, ransomware, infrastructure disruption and prevent data leaks.

This initiative will get off the ground with a program sponsored by Plymouth County for all of its municipalities.

Founded in 2022, CyberTrust Massachusetts brings together a consortium of university and industry partners from across the state to grow and diversify the cyber workforce and strengthen the security of under-resourced entities, starting with cities and towns.

This diverse association prompted the creation of a statewide Security Operations Center, with a temporary facility on the Bridgewater State campus, to be followed later this year by a permanent location, along with another at Springfield Union Station, led by Springfield Technical Community College. and other schools in the area.

“Massachusetts has taken a unique approach to solving the related challenges of cyber workforce development and local government cybersecurity through a partnership between business, higher education and government. For local communities, this means access to leading cyber solutions, with trusted advice and support, at an affordable price,” said Peter Sherlock, CEO of CyberTrust Massachusetts. “CyberTrust Massachusetts, the communities we serve and our member colleges appreciate the role of the Massachusetts State Legislature and the Healey-Driscoll Administration through its Mass Tech Collaborative in providing financial support and programmatic guidance to enable us develop a ready workforce and protect those who are underserved,” said Jay Ash, former Secretary of Housing and Economic Development and President of CyberTrust Massachusetts.

Last October, the Healey-Driscoll administration demonstrated this support by announcing a $2.3 million grant to CyberTrust Massachusetts through the MassTech Collaborative’s MassCyberCenter.

It may not be an overnight answer to all the cybersecurity challenges facing municipalities and other entities, but it promises to provide a foundation for comprehensive cyber expertise at an affordable price.