The Scotland County Board of Commissioners held a special-called meeting Wednesday to discuss the cyber incident that the county has been experiencing since Dec. 18 shortly after information technology and cybersecurity service provider VC3 took over the county’s systems

The Scotland County Board of Commissioners held a special-called meeting Wednesday to discuss the cyber incident that the county has been experiencing since Dec. 18 shortly after information technology and cybersecurity service provider VC3 took over the county’s systems

LAURINBURG — The Scotland County Board of Commissioners approved the authorization of the use of up to $100,000 and gave the chairman the authority to authorize an additional $100,000 if needed to address the cyber incident that resulted in a server shutdown.

The action was taken Wednesday during a special-called meeting held to discuss the cyber incident that the county has been experiencing since Dec. 18 shortly after information technology and cybersecurity service provider VC3 took over the county’s systems, Chairman Tim Ivey unveiled.

“VC3 took over our systems that day (Dec. 8) and they put some software on all these servers and then by two o’clock that day it started kicking in that somebody was in there messing around doing something they weren’t supposed to,” Ivey said.

Ivey said VC3 was able to “kick them out” with their ability but the next stage was to unplug everything.

“We unplugged all the servers and (now) nothing in the county is attached to the internet except for some of the 911 system which is on a different system,” Ivey said.

Ivey said this also includes deputy cars and police department computer-aided dispatch systems.

“When we learned we had a cyber incident, as a county and as a team we chose to take a very proactive approach to this in that we chose to take our network down to prevent any further problems and to prevent any cyber attacker from breaching our data … We understand that is inconvenient for our county departments but that is what we needed to do,” said Scotland County Manager April Snead.

On Friday, the county’s Emergency Operation Center was activated and Public Safety director Robert Sampson brought in an Incident Management Team (IMT) that includes other EOC directers throughout the state who have had similar cyber incidents in their counties. In addition, the county has received assistance from the North Carolina Local Government Information Systems Association, the North Carolina Joint Cyber Security Taskforce, Verizon, AT&T, and other counties, that have donated equipment.

Snead said that on Saturday, the state delivered 63 “clean” laptops.

Back to work

When Scotland County government employees return to work on Thursday they will do so at a partial working capacity save for public safety due to the cyber incident the county is currently experiencing.

“Robert and VC3 and a couple of staff members have worked very hard over the holidays. When we walk in tomorrow morning every department will have some resources … So clients or citizens should be able to call our departments without interruption and we should be able to keep giving them services,” Snead said.

Sampson said the plan is for 100% of the county to open back up but to do that at a 50-60% operational capacity.

“That is the goal,” Sampson said. “There is no way to get the county functioning at 100% because we don’t have a network to operate off of, one, and two, we don’t have 300 computers so we’re having to take resources that we have and allocate them to all of our department to the best of our ability so that we can have these departments run at what my goal is 50 to 60% operation.”

Sampson said as the days go by and the county obtains additional resources, those resources will then be allocated to the departments to increase the percentage of operation.

“That’s not what we want to hear but unfortunately it is the reality,” Sampson said.

In the meantime, Ivey proposed allocating the funds needed to address the needs as they come.

“We’re going to have to make decisions on equipment and we don’t know what equipment. That’s the problem. My proposal is we set an x amount of allocation for this. It may not be used,” Ivey said.

The county has already begun the process of rebuilding its network and remains tightlipped on how this will be implemented for security purposes. Snead said the county will soon know the details of the cyber incident when VC3 completes its report.

“I’m not sure of the timeframe on that but we’re hoping that we know that relatively soon because that report will also give us recommendations moving forward beyond what recommendations we already have,” Snead said.

Snead asked for patience from the public when the county opens back up on Thursday.

“When the public calls or comes in we just ask them to please understand that we are rebuilding and getting resources in place as fast as we can … every day it will improve as we move forward,” Snead said.

Tomeka Sinclair can be reached at tsinclair@laurinburgexch.wpenginepowered.com.