Imagine a wall around your house.
Now imagine someone trying to breach it 411,000 times a day.
That’s what Riverside County’s government deals with 24/7 while protecting a $6.9 billion budget and a mountain of sensitive data from hackers. San Bernardino County, which has a $7.6 billion budget, is also inundated by cyber intruders, although officials there were reluctant to put a figure on the volume of attacks their county faces.
“This is a way of life now where people are trying to find vulnerabilities and exploit those vulnerabilities,” said Tony Coulson, a professor of information and decision science at Cal State San Bernardino and director of its Cybersecurity Center.
“It is better than robbing a bank … You can steal 100 credit cards, put them on the dark web and sell them for hundreds of dollars each and probably never get caught.”
In a presentation to Riverside County supervisors in September, Anthony Chogyoji, the county’s chief information security officer, said the county’s cybersecurity center watches for threats around the clock. County spokesperson Brooke Federico declined to reveal the center’s location.
“In 2020 alone, (the county’s IT infrastructure) prevented over 150 million cyber attacks on our network and stopped over 40 million spam, phishing and infected emails from reaching our 23,000 employees,” Chogyogi said in a brief video aired at a Board of Supervisors meeting.
In San Bernardino County, “cyberattacks occur consistently throughout the day – every second of a day, which are typically unsuccessful attempts,” Robert Pittman, the county’s chief information security officer, said via email.
There’s no shortage of money or data in county government.
Besides overseeing billions in federal and state funding and local tax revenue, Riverside and San Bernardino counties handle everything from building permits and marriage licenses to applications for public benefits, medical records and voter registration data in a region of 4.5 million people.
Large-scale cyberattacks, like the one that temporarily shut down a southeastern U.S. oil pipeline in May, make headlines, but much more common are smaller-scale intrusions. The city of Torrance was among hundreds of local governments beset by hackers in 2019 and 2020, the International City Manager Association’s PM Magazine reported.
In 2019, ransomware attacks targeted 113 local and state governments and public agencies, the magazine reported. Ransomware denies access to digital information until a ransom is paid.
Hackers also go after elections. In 2017, Time magazine reported Riverside County’s voter registration database may have been an early target of Russian hackers seeking to sow chaos in the 2016 presidential election.
Rebecca Spencer, the county’s registrar of voters, took issue with the word “hacked” and said her office found most voters who said their registration was changed without their knowledge forgot they had changed their party affiliations. Officials in both Inland counties have said voting and vote-counting machines can’t be hacked because they’re not connected to the internet.
In recent years, ransomware attacks by overseas hackers targeted small municipalities and school districts, Coulson said.
“That’s weird from an American perspective,” he said. “But in a country where someone thinks the government holds all the wealth, they would think going after schools is going to get them the riches they want … they were sorely disappointed that as they attacked school districts, they didn’t get big payouts.”
In 2019, hackers placed ransomware in servers used by the San Bernardino City Unified School District. Staff and faculty couldn’t access their emails and WiFi and other technology couldn’t be used.
Both counties have information technology departments tasked with cybersecurity, IT troubleshooting, maintaining servers and other duties. Riverside County Information Technology’s budget is $112.2 million, while San Bernardino County’s Innovation and Technology Department has a $110.7 million budget.
In 2013, the county bought The Press-Enterprise building in downtown Riverside for $30 million and converted it to an IT hub.
The most common cyber threats to Riverside County government are “phishing emails written by malicious actors designed to trick users into giving confidential access to information,” Federico said via email.
“These bad actors are most often from foreign countries attempting to access funds or confidential data by going around any security systems in place.”
Pittman was less forthcoming about his county’s cyber threats.
“The county would prefer not to discuss this,” he wrote when asked what the biggest threats and targets are, though he said the county has not been the target of a ransomware attack.
Later, San Bernardino County spokesperson David Wert said the county receives phishing emails daily.
Riverside County’s IT defenses include systems to detect and prevent breaches and employee training on avoiding phishing scams, Federico said. Riverside and San Bernardino counties also work with local, state and federal law enforcement on cybersecurity, Federico and Pittman said.
To prevent cyber crimes, public agencies need to work together and clear IT standards must be established, Coulson said.
“The county could have an IT department defending its network. But what about a small place that provides food to your school district?” he said. “They could be infiltrated, which leads to an infiltration on your side.”