Assembly approves $30,000 cybersecurity contract following incident

The borough’s IT director said no public data was compromised

The Kenai Peninsula Borough will use $30,000 to implement cybersecurity measures in response to an attack against a borough server last month. The borough assembly approved last week a sole source contract between the borough and GCSIT Solutions, a computer security service based in Anchorage.

Kenai Peninsula Borough IT Director Ben Hanson said Friday that no public information was compromised during the incident and that the affected server was a test server, meaning it had not yet been loaded with data and was still being built.

Hanson wrote in a Jan. 21 memo to Kenai Peninsula Borough Mayor Charlie Pierce that the borough became aware of an “ongoing cybersecurity attack” on Jan. 19 that required an emergency response to be implemented. The borough contracted a cybersecurity professional to assess what happened and put together a plan to remediate the threat over the following 48 hours, Hanson wrote.

Hanson said Friday that the nature of cybersecurity threats limits how much can be said publicly about the incident, but reiterated that no public information was compromised.

The $30,000 approved through the contract will pay for work that occurred immediately after the incident was identified as well as ongoing efforts between the borough and GCSIT, he said.

Hanson described the incident as “yellow alert” during a Feb. 15 meeting of the assembly’s Policies and Procedures Committee.

While the incident caused “concern,” it also underscored the need for better collaboration between the borough’s IT department and Office of Emergency Management when it comes to cybersecurity.

“We used this circumstance as a way to execute kind of an example of an incident response,” Hanson said Friday.

It’s one of the IT Department’s long-term plans, Hanson said, to create a cybersecurity addition for the borough’s emergency management plan. He said people usually think of things like floods and fires when they think about emergency response, but that cybersecurity requires a similar response process.

“It’s been recognized that cybersecurity incidents, when they happen at a municipal scale, fall into that emergency management (category),” Hanson said.

Last week’s Policies and Procedures Committee meeting can be viewed on the borough’s website at kpb.us.

Reach reporter Ashlyn O’Hara at ashlyn.ohara@peninsulaclarion.com.