The Town of Ulster’s primary computer systems were hacked last week, and according to Supervisor James E. Quigley, III, they’re still dealing with the fallout.
“On 9/11, a cyber incident was reported by the security software on the town’s main general server that basically took us down,” said Quigley on Wednesday. “The whole system.”
Quigley said the response was both quick and thorough, with servers shut off within an hour of the discovery of the intrusion, and not turned on again until early this week after security was “beefed up.”
“It was promptly reported as is required under regulations to New York State Homeland Security Cybersecurity Services, which in turn automatically notified the FBI,” Quigley said. “I have talked to the (Ulster County) Sheriff’s Department. I have talked to the County Emergency Management. Immediately upon being notified that we had an issue, I notified the City of Kingston IT system manager and the mayor, and I also spoke to emergency management. I got like 12 calls in ten minutes notifying everybody and their brother.”
The Town of Ulster Police Department is not involved yet, and they may not be at all.
“The police don’t investigate these types of things,” Quigley said. “They allow the forensics to go through the computer professionals that our insurance company brings in. They aggregate the information and then turn it over to the law enforcement authorities. Law enforcement may step in, but it is not a guarantee that they step in.”
As of Wednesday, September 18, all systems are still impacted and offline, save for the police department and town court, which Quigley said operate on separate servers. Every other municipal entity, including administrative facility in town hall; water and sewer; payroll; and budget preparation, with the preliminary spending plan due to be submitted in two weeks.
But municipal operations have returned as close to normal as possible, and thus far it does not appear any data was taken by the hackers.
“We have established manual procedures to maintain seamless day-to-day operations of the town’s functions,” Quigley said. “And we are in a disaster recovery mode now, which means we are basically assembling the backup data, both electronic and paper, to understand where we are. At the present time, we have no missing data, and I can also say that there is no forensic evidence that would support a statement that we’ve had electronic materials removed from our network.”
The town is currently operating on a restored backup server, with all departments but the administrative offices running at full speed. It has been a busy week getting to that point, Quigley said.
“I’m living in town hall,” Quigley said. “It has not gotten as bad as Elon Musk: I’m not sleeping on the floor of my office.”
But how long will the forensic investigation take? And when do town officials expect to fully recover operationally?
“Right now, both of those questions have the same answer,” Quigley said. “It’s undetermined.”
Join the family! 
