Cyber Incident Management and Technical Support, Matanuska Susitna Borough

Project Brief

In 2018, Alaska’s second-largest municipal borough encountered a cyberattack unlike any it had encountered, gaining international news coverage of the ransomware attack. They did not pay the ransom; rather, the borough took the entire system down and rebuilt it. Wostmann deployed a 5-member team over five months to provide immediate aid to respond and recover from the incident, helping minimize downtime and get the municipality back up and running. Wostmann provided project managers, software developers, technical support, and a cybersecurity consultant. Working with several local firms and internal staff, we identified and assigned tasks, managed a data and application recovery pipeline, coordinated network and computer work across 46 remote sites, recovered and redeployed scores of applications and databases, identified new anti-virus software, developed a new computer image, re-imaged over 500 computers, developed a standalone application to scan drives, thumb drives, and cameras; flashed and re-set electronic signboards.

Wostmann developed an information security program which consisted of new security policies and procedures that incorporated security into IT operations such as change/patch management, user account administration, acceptable use, vulnerability testing, use of multi-factor authentication for identification of staff and contractors for remote access, and use of encryption for data at rest and in transit. Secure coding practices and principles were shared via knowledge transfer with borough developers to improve cyber security posture and reduce attack surface of the municipality’s web-based collaboration platform.

Deliverables, as part of a team, included rapid response, redeployment of more than 500 computers and VOIP phones across 46 sites, recovering and redeploying more than 20 applications and databases, analyzing antivirus tools and assisting in deployment of the selected tool, building and deploying a custom application for scanning thumb drives, developing a security program and policies, and manually installing security and other software on more than 100 computers.

Deliverables

  • Rapid response

  • Redeployment of more than 500 computers and VOIP phones across 46 sites

  • Recovering and redeploying more than 20 applications and databases

  • Analyzing antivirus tools and assisting in deployment of the selected tool

  • Building and deploying a custom application for scanning thumb drives

  • Developing a security program and policies

  • Manually installing security and other software on more than 100 computers

Related Work

State and Local Contracts

Wostmann & Associates has more than 25 years experience in state government technology projects. We have supported the State of Alaska in a variety of initiatives, from website and reporting systems to complex integration and enterprise systems and we welcome opportunities to any state with our experienced, senior technology professionals. We often perform our government services via our joint-venture partnership, Alaska IT Group, which combines our services with those of other leading small technology firms. Wostmann and Alaska IT Group are registered in Alaska for several IT service categories listed below. State agencies and local governments may utilize the Alaska Task Order Procurement System (TOPS) for our services or may contact us directly for more information.

  • Cat 2: Mid-range Systems Support

  • Cat 3: Specialized Server and Middleware Administration

  • Cat 4: Data Center Consulting

  • Cat 5: Security Consulting

  • Cat 6: IT Management Consulting

  • Cat 7: IT Procurement and Grant Services

  • Cat 8: OS390 and Z/OS Mainframe Applications Programming Support

  • Cat 9: Distributed Application Analysis, Design and Programming

  • Cat 10: Document Management

  • Cat 12: Project Management

  • Cat 13: Quality Assurance