County & Local

Delaware County, Pa., plans cybersecurity upgrade after ransomware attack

The Philadelphia suburb was hit by a ransomware attack last year, which cost it $25,000.

August 12, 2021

(Getty Images)

Delaware County, Pennsylvania, officials on Wednesday agreed to spend nearly $1.6 million on cybersecurity measures following a ransomware attack last November that cost the county $25,000.

The County Council of the 566,000-person county south of Philadelphia unanimously agreed on salaries for new staff positions, consulting fees and software licenses to support a host of security and operations improvements, including financial systems, infrastructure engineering and the digitization of the county’s records. Some of the money will also be allocated to countywide training and web development, the Delaware County Daily Times reported.

The cash infusion — topped off by an additional $858,957 to improve air conditioning, server space and power supply units for the county health department’s data center — was spurred by an on the county last fall by hackers using the DoppelPaymer ransomware. (Actors affiliated with the DoppelPaymer malware have also in recent years struck at the Illinois attorney general’s office; Torrance, California; and Azusa, California.)

The infiltration was first spotted Nov. 21 after hackers encrypted police reports, payroll, purchasing orders and other county services. The county ultimately capitulated within the week, paying a $25,000 deductible to a cyber insurance firm at the recommendation of County Executive Director Howard Lazarus, according to a December press release.

The $1.6 million the County Council approved will support 12 new IT positions, including four support jobs, three applications staff, two health department IT staff and three new hires for cybersecurity, audio-visual support and web development.

“In terms of the current state, over the past seven months, my evaluation is that really urgent requests overwhelm the ability to do basic support and maintenance,” Frank Bilotta, the county’s chief information officer, told the Daily Times this week. “And, I would say ultimately, that … item is the reason for our susceptibility to the attack in November.”