Blind SpotAfter virus fouls Cook County highway department computer network, agency starts looking beyond just potholes toward enhancing online secuity
Friday, July 26, 2013
BGA & NBC5
by Patrick Rehkamp
The Cook County Department of Transportation and Highways is tasked with maintaining hundreds of miles of roads in the Chicago area.
Turns out the agency should have been paying more attention to the Information Superhighway.
The department's entire computer network was shut down for nearly two weeks after someone – possibly a county employee goofing around on the Internet – allowed a virus to infect the system this past spring, the Better Government Association and NBC 5 has learned.
And not just any virus. The one that attacked the county computers hid legitimate work content and created bogus files with racy names.
Getting things back to normal took a lot of effort – underscoring not only the damage inflicted, but also the lack of monitoring and anti-virus protections with the county's technology.
Five computer technicians spent 216 hours scanning the department's 200 or so computers and scrubbing the dozen units that turned out to be contaminated, as well as the server that binds the laptops and desktops, county officials said. The fix was completed in June.
A logical question: What work didn't get done during the down time that should have?
That's not totally clear. County officials said operations did obviously slow, but another county department loaned the highway people laptops so work never completely halted.
The highway department, known historically as a bastion of patronage, is based at 69 W. Washington in the Loop and also has satellite offices.
The virus was probably unleashed on county computers accidentally, maybe by a worker who opened an infected email attachment or picked up the bug while surfing the web, county officials said.
It's tough to determine who's to blame, said Cook County Chief Information Security Officer Ricardo Lafosse. In fact, it'd take a forensic look, which is quite costly, to pinpoint the entry point, he said.
The county isn't willing to pursue that avenue because of the expense, but officials are discussing whether to block outside portable drives (USB or thumb drives) and tweak content filters to prevent future problems through county government, said Kristen Mack, a spokeswoman for Cook County Board President Toni Preckwinkle, who oversees the highway department and has pledged to bring a more professional management style to the county.
There are roughly 12,000 computers falling under Preckwinkle's domain, officials said.
While viruses are quite common in the web universe and many are relatively harmless, it's important to enlist a variety of
safeguards to stop them from fouling a computer system, according to one expert consulted for this story.
One thing he advises: if at all possible, stop workers from accessing personal emails while on the clock.
"If they can truly function and not have personal email . . . go ahead and do it," said Karl Volkman, chief technical officer for SRV Network, Inc., a Chicago IT support firm.