MADEIRA BEACH — In December 2017, the city experienced a cyberattack. Its computer system was hacked and compromised. That prompted a contract with the city’s information technology provider, Network People Inc., which took corrective actions and made recommendations to avoid future incidents.
The city is currently paying the firm $40,800 a year to provide cyberprotection, which appears to be successful.
In light of recent hacks against two small local governments in Florida, the latest contract with Network People, an IT Advanced Security Agreement, “recommends more tools and security measures to protect us against attack,” Finance Director Walter Pierce said.
Elias Leslie, the IT security director at Network People, gave an update on the effectiveness of the security measures at a July 22 City Commission workshop.
“Year-to-date, we haven’t seen any bad malicious stuff get through to the city’s computers. We’re blocking a lot of the bad stuff that’s trying to come in. We haven’t seen anything come through,” Leslie said.
His company uses “multiple layers of defense” to protect from attack, he said. That includes blocking connections to countries known to be sources of threats, such as China, Russia and the Ukraine, Leslie said.
“We block Madeira Beach employees from accessing websites known to have malicious software,” Leslie said.
Email security is especially critical, Leslie said.
“That is the highest threat,” he said. “They try to trick the employees” by making a malicious note look like it is from a person familiar to them.
Leslie said users are the first line of defense against cyberthreats and training “is key, very key to prevent these sorts of attacks.”
He said 98 percent of Madeira Beach city employees have completed end-user security training.
The next step, Leslie said, is more advanced training to meet more current threats, and custom end-user training.