BY JEFF CHUDZINSKI

North Country This Week

CANTON — October is Cybersecurity Awareness Month in St. Lawrence County.

Legislators made the proclamation during the Operations Committee meeting on Sept. 18, highlighting the importance of cybersecurity policies, procedures and resources.

Cybersecurity Awareness Month was first launched in 2004 by the National Cyber Security Alliance and the U.S. Department of Homeland Security  and is currently co-lead by the Cybersecurity and Infrastructure Security Agency (CISA).

The theme for 2023 is “It’s Easy to Stay Safe Online,” to address the frustration and confusion many users feel regarding staying secure, officials say.

“Cybersecurity Awareness Month continues to raise awareness about the importance of cybersecurity across our nation, ensuring that all Americans have the resources they need to be safer and more secure online,” officials say.

Cybersecurity is something that has been a hot topic in the North Country of late with hospital systems and school districts all suffering attacks in recent months.

Most recently Claxton-Hepburn Medical Center was the target of a cyber attack on Aug. 31, during with hackers were able to access data in the hospital’s systems.

According to CEO Richard Duvall, it’s unclear what data they were able to access and if they were able to view any data they did obtain as it was encrypted.

Duvall said the criminals were not able to lock down computers at the medical centers because the IT Department noticed an anomaly and worked quickly to block access.

“The criminals did deploy the bug needed to lockdown our software, but we were able to block their access before it could be activated,” he said.

Duvall said legal action is being taken to identify what data was stolen, but at this time it’s unclear what the hackers were able to obtain and if they were able to get past the encryptions.

St. Lawrence Health Systems was also the target of a cyber attack in 2020 that forced SLHS to shut down its network and information systems.

According to the organization at the time, the virus was identified as a new variant of Ryuk ransomware previously unknown to antivirus software providers and security agencies.

The Health System’s investigation teams immediately provided the FBI, Department of Homeland Security, and other authorities with all the information they required and very quickly made the signature of this Ryuk strain available to the Health System’s anti-virus service providers, SLHS representatives said in 2020.

Massena Central School District was also targeted in 2021, causing a disruption in the district’s network and impacting certain systems, according to school officials at the time.

“Importantly, to protect the integrity of the Massena Central School District system, access to the platform and surrounding environment was immediately disabled, and we are working expeditiously to restore our servers and return to full operational capabilities,” former Superintendent Pat Brady said at the time.

Earlier this year, county officials took steps to safeguard data from cyber attacks with help from the New York State Department of Information Technology and Department of Homeland Security.

Legislators on the Operations Committee unanimously approved an intergovernmental agreement with both agencies during the committee’s Jan. 9 meeting.

The agreement, which will provide protection for critical infrastructure for county services, will come at no cost to the county for three years.

The contract will cover many facets, including coordinating policies, standards and programs on cyber security.

The security solutions are scalable, meaning they can be used for as much or as little as deemed necessary, Rick Johnson, St. Lawrence County Director of Information Technology, said in January.

The county was offered the opportunity to use CrowdStrike endpoint detection and response (EDR) services by New York State as part of a $30 million program established by Governor Hochul.