Illinois Attorney General responds to cybersecurity attack, audit
warning
Send a link to a friend
[May 07, 2021]
By SARAH MANSUR
Capitol News Illinois
smansur@capitolnewsillinois
 SPRINGFIELD — Illinois Attorney General
Kwame Raoul on Wednesday addressed the recent cyber breach of his
office’s online network, as well as an audit of his office released
earlier this year that warned of weaknesses in its cybersecurity
programs.
Raoul told a House committee his office has implemented new safeguards
since the April 10 ransomware attack that compromised the office’s
network and affected office employee’s email accounts.
Ransomware is a malicious software that collects the victim’s personal
data and threatens to publish it unless a ransom is paid to the hacker.
Raoul said his office is working with federal law enforcement to
evaluate the extent to which the network was compromised, what
information may have been exposed, how it happened, and what can be done
to prevent future breaches.
“These efforts are ongoing,” Raoul said during a House Appropriations
General Services Committee hearing Wednesday.
Since the attack, Raoul said his office has set up multiple layers of
security, and put in place application-level security and monitoring,
network authentication requirements, and firewalls. In addition, his
office has implemented “continuous vulnerability scanning,” and
intrusion detection and response protocols for their network, he said.
Raoul said his office has also set up a hotline for residents who may
have concerns about the breach to receive answers to their questions
while the investigation is ongoing. The hotline can be reached by
calling 1-833-688-1949 between the hours of 8 a.m. and 5 p.m. Monday
through Friday.
Rep. Brad Halbrook, a Pana Republican, asked Raoul why his agency wasn’t
properly prepared for and had not anticipated such a cybersecurity
attack.
“I'm just curious what we're doing, why we didn't anticipate this, why
we didn't have redundant systems in place to be ready to roll in case
something happened like this?” Halbrook asked.
[to top of second column]
|
Illinois Attorney General Kwame Raoul (third from
left) sits at a panel with members of his staff Wednesday evening
during a committee hearing in which he was questioned about a recent
security breach in his office. (Credit: Blueroomstream.com)
Raoul said, moving forward, his office has reached
out to “internal IT experts” to improve its network and technology.
“I don't know what the satisfactory answer that you'd want to your
question. But our staff, and I’m proud of my staff, have continued
to work hard during a very difficult circumstance,” Raoul said.
Raoul was also asked about a state auditor general’s report released
in February that found the attorney general’s office had not
implemented adequate internal controls related to cybersecurity
programs and practices.
It recommended that the office perform a comprehensive formal risk
assessment to identify information most susceptible to attack. It
also recommended the office classify its data to establish the types
of information most susceptible to attack.
Raoul said his office has begun the comprehensive risk assessment
that was suggested in the audit report.
“And in our response to the audit, we indicated that because of the
nature of our agency and the nature of our work, we consider all of
our data high-security data,” he said.
The attorney general’s office also created a new information systems
security analyst position, which is tasked with spearheading the
“formalization of the (o)ffice's risk assessment and security
efforts into a comprehensive, well-documented cybersecurity
program.”
Raoul said that position was created in August 2020.
Capitol News Illinois is a nonprofit, nonpartisan
news service covering state government and distributed to more than
400 newspapers statewide. It is funded primarily by the Illinois
Press Foundation and the Robert R. McCormick Foundation.
 |
