Town of Sahuarita, GVR Face Email Hacks

The Town of Sahuarita and the Green Valley Recreation (GVR) recently had to confront cyberattacks that had the potential of affecting thousands of people at one go. Both GVR authorities and officials in the Town of Sahuarita consequently had to take steps to mitigate the effects of these attacks.
Two cyberattacks that happened last month targeting the Town of Sahuarita had compromised thousands of email accounts.

Green Valley News, in a report on the incidents, quotes what Sahuarita’s Technology Manager Ronald Bishop had communicated via email on September 6; the email says, “This morning another town account fell victim to hacking… This is the second time this type of attack has occurred in as many weeks.”

Bishop, who maintains that the attack was quickly discovered, is also quoted as saying, “It appears they controlled the account for less than 15 minutes… The attack seemed to be aimed at harvesting account passwords.”

Green Valley News reports, “The attack started with a paralegal’s town email account and spread from there, according to Bishop’s email. Malicious emails were sent to other town employees, but not to the general public…This followed a previous attack were another town email account was compromised, resulting in malicious emails being sent to vendors who work with the town. Those vendors were quickly notified not to engage with the dubious communication, town spokesman Mark Febbo said.”

Sahuarita officials, following the cyber incidents, have taken steps to protect residents and employees who might have shared their email addresses and other information with the town. Precautions are taken to ensure that another cyberattack doesn’t happen.

As part of ensuring better security, Sahuarita officials have introduced multi-factor authentication for the email server. They have also taken steps to ensure that all data is kept compartmentalized, thereby making it difficult for data to be breached. Email addresses and sensitive personal information are not stored on their server, thereby making it difficult for hackers to access them. Similarly, a VPN (Virtual Private Network) has been instituted for employees who use public Wi-Fi for various purposes.

The Green Valley News report states, after detailing the steps taken, “Using these methods, and other best practices, Bishop said the goal is to protect town employees as well as residents. He said a cyber protection strategy is only as strong as the people who use it… He also said that common sense and due diligence were some of the strongest tools to keep safe online.”

GVR was targeted last week by a phishing email campaign, which was detected and reported on Thursday afternoon. Following this, members were warned against clicking on an email sent last Thursday and appearing to come from a trusted contractor who has been associated with the organization.

In its report on the incident, Green Valley News quotes GVR Communications Specialist Miles Waterbury, who says, “Our IT is still investigating the incident, which appears to have targeted one GVR email’s contact list, on a remote access point… A very small portion of GVR’s membership was assumedly affected, simply those who were connected to the affected email.”

The GVR members were informed and warned of the scam via the social media as well as through email, sent on Friday itself. Members were advised not to click on the link and also to delete the email immediately. The infected account has been taken online and the issue fully resolved, it’s reported.