Washington County government hit by cyber attack, officials say

Cyber security IT engineer working on protecting network against cyberattack from hackers on internet. Secure access for online privacy and personal data protection. Hands typing on keyboard and PCB
Cyber security IT engineer working on protecting network against cyberattack from hackers on internet. Secure access for online privacy and personal data protection. Hands typing on keyboard and PCB

FAYETTEVILLE — Washington County’s computer systems have been the target of what officials say is a continuing cyber attack that began Friday.

More than 14,000 separate attempts to log into the county’s servers were detected Friday, said Tad Sours, the county’s communications director. There were more than 17,000 attempts to access county servers Saturday and the number grew to more than 33,000 Sunday, Sours said.

“They were trying to get into our servers, hitting them over and over and over,” he said Monday morning. “It is still ongoing.”

Sours said the attempts to access the county’s servers had been blocked. The attempts were directed at servers with some public access, like email and some GIS mapping information.

County Assessor Bobby Hill said his office had experienced no interruption in public access throughout the attack. The Assessor’s Office property records, for example, will typically get 100,000 “hits” in a month.

“The way they described it to me is it’s like you have a camera on your doorway,” Hill said. “Someone comes up to your door and tries to see if it’s open. You can see it when it happens. When it’s not open, they go away, but they keep coming back to check again and again.”

Kelly Cantrell, public information officer for the Washington County Sheriff’s Office, said the servers used by the Sheriff’s Office were unaffected, with the exception of email, which uses other county servers.

County officials described the cyber attack as what’s called a “dictionary attack,” which TechTarget.com describes as a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary as a password. A dictionary attack can also be used in an attempt to find the key necessary to decrypt an encrypted message or document. Dictionary attacks work because many computer users and businesses insist on using ordinary words as passwords, according to TechTarget.com.

Benton County Judge Barry Moehring said Monday he had not been notified of any specific attempt to access Benton County’s systems.

“We are on alert for that sort of thing as is our standard procedure,” Moehring said. “We get attempts every day.”

The city of Fayetteville was hit by a cyber attack in June. According to information from the city, it appeared someone changed several system files in an internal city application about 4 a.m. June 8. The action decreased the performance of the city’s server. City staff shut down online systems as a precautionary measure to contain any potential damage.

The outage impacted phone lines, email, internet connections at city buildings, internal city programs, the online utility payment system and some other public-facing pages on the city website. Some public meetings were canceled or postponed. Phone lines were restored within a few days after the outage. Other systems, including the system allowing the public to pay their water bills online, were down for several days.

A report from the state Legislative Audit found 130 cybersecurity incidents were reported to Legislative Audit from July 1, 2022, to June 30, 2023, at 75 public bodies across the state ranging from higher education institutions and public school districts to cities and state agencies.

The number is an increase from the 63 incidents reported from July 28, 2021, to June 30, 2022. Of the 130 reported cybersecurity incidents in fiscal 2023, 73 have been resolved and 57 remain under investigation.

The report defines a cybersecurity incident as “any event that compromises the security, confidentiality or integrity of an entity’s information systems, applications, data or networks.”

Legislative Auditor David Coles cited two specific cases of ransomware attacks in the state report, one against the Little Rock School District in December 2022 and another in November 2022 against Apprentice Information Systems, a vendor that provided computing services in most of the state’s 75 counties. Coles said the attack against Apprentice Information Systems “halted most operations in those offices for multiple days, with some offices remaining offline for weeks [or] a few months.”

The attack against the Little Rock School District led to the district paying a $250,000 ransom to hackers who broke into its internal data network.

Of the 130 reported incidents, school districts and higher education institutions were the top targets. As for the nine types of incidents listed in the report, fraudulent transactions, which made up 52 of the 130 incidents, were the most prevalent, followed by spam or phishing attacks and unauthorized access, both of which had 26 reported cases.

Upcoming Events