question: as jacksonville today Reader Duke L. observes that Jacksonville Beach still appears to be suffering from a cyberattack that occurred in late January and may have temporarily shut down city services.
Jacksonville Beach city officials first reported on January 29th that a “cybersecurity event” impacted digital infrastructure. The incident shut down City Hall and most city facilities, and disrupted employee email and online activity. The incident also initially affected the city's accounting functions.
City Hall reopened within days. The latest statement said most employees were able to work online and Beaches Energy and the city's pollution control and water facilities were fully operational.
But just last week, Duke noticed that City Council meetings were not being livestreamed. “There really doesn't seem to be any documentation other than the minutes of the meeting that were distributed a few weeks later,” he wrote. jacksonville today.
And they wonder why the city won't provide more information about what actually happened or whether the situation has been resolved.
answer: The city has not released the official cause of the cybersecurity incident, saying only that its IT team and security experts are conducting a forensic investigation.
When asked what exactly happened, Mayor Christine Hoffman said: jacksonville today The city said it would “receive advice from experts collaborating on this event and provide updates as necessary.”
As for the City Council's YouTube live stream, Hoffman acknowledged it is not yet available, but all City Council meetings are recorded and later posted at jacksonvillebeach.org/555/City-Council-Audio-Recordings .
jacksonville today Iman Vakirinia, an assistant professor in the University of North Florida's School of Computing, asked what a “cybersecurity incident” meant. He said in an email that this is “malicious activity or breach that compromises the confidentiality, integrity, or availability of digital systems.”
“Cybersecurity incidents can occur through a variety of means, including cyberattacks, human error, and system vulnerabilities,” he says.
Vakirinia said that recent reports indicate that cyberattacks targeting government agencies and hospitals are on the rise.
In early February, Hoffman submitted a memo to the City Council saying staff were working with law enforcement and cybersecurity experts. However, “as this matter is currently under active investigation, there are limits to the details I can provide.''
“First and foremost, we want to emphasize that the safety and well-being of our community remains our top priority,” Hoffman said in the memo.
She said the city's accounting function is facing some challenges, but all pension and employee payroll is being taken care of.
“Our IT team and external cybersecurity experts are conducting a thorough forensic investigation to understand the full scope of this incident,” she wrote. “At the same time, we are working diligently to safely and fully restore our technology environment, strengthen our cybersecurity posture, and prevent future incidents.”
jacksonville today Vakilinia asked how long it would take for city government to return to normalcy after a cybersecurity incident. He said recovery “can vary widely depending on a variety of factors, including the nature and severity of the incident, the effectiveness of an organization's incident response plan, the extent of damage and data loss, and the resources available for remediation.” .
“In some cases, an organization may be able to resume normal operations relatively quickly, especially if an incident is detected and contained quickly and backup systems are readily available to restore affected data and services. There is a certain gender,” Vakirinia said. “However, for more complex or serious incidents, the recovery process may take days, weeks, or even longer.”