An innocuous message on their web site about e mail being unavailable final week, a one-line alert canceling at present’s Board assembly and a social media publish led YubaNet to ask if Nevada Irrigation District (NID) had been hacked. The quick reply: Yes, however no buyer or workers information was compromised. Water supply, energy era and dam operations have been by no means affected.
Assistant General Manager Greg Jones supplied particulars about final week’s intrusion try in a cellphone dialog.
Last week, an try to compromise NID’s servers made it by way of the primary layers of their intrusion safety through their e mail server. As the malware began shifting by way of the community, the firewall/antivirus/safety systems kicked in.
Jones said NID’s hydro division is remoted from the company’s community and at no time have been dam operations, energy era or water deliveries affected, “these systems have been already remoted and weren’t compromised.”
The district’s IT division, with the assistance of outdoor consultants, has carried out a forensic evaluation over the previous 4-5 days and is rebuilding some legacy servers to additional safe the digital infrastructure. The district will transmit their findings to legislation enforcement.
“No buyer or workers data was compromised,” Jones responded to our query relating to information integrity of buyer and personnel recordsdata. “All cost data, routing data, our workers recordsdata are safe.”
Jones identified their intrusion detection managed to cease the malware earlier than it encrypted the district’s information. Their IT division is bringing the assorted community parts again on-line after intensive checks. Intrusion makes an attempt are widespread and Jones estimates 2,500 makes an attempt a day on their systems.
The district is the most recent in a sequence of companies and organizations to have their systems compromised. Sierra College, the town of Grass Valley and the Town of Truckee had their data systems compromised by ransomware. Ransomware is malicious software program (aka malware) that positive factors entry to a system. When profitable, hackers then threaten to publish or block entry to information or a system, often by encrypting it, till the sufferer pays a ransom payment to the attacker.
The board assembly, slated for at present, has been rescheduled to subsequent Thursday, October 21. 2021 at 9:00 am. An up to date agenda will likely be printed this Friday.