Team 12 Investigates: Exclusive interview with former DOJ official hired to assist Suffolk cyber probe
The special legislative committee tasked with investigating the cause of Suffolk County's cyberattack is bringing in a heavy hitter. They've hired Richard Donoghue, a former senior official with the Justice Department, as counsel to help guide their investigation.
Donoghue is a powerhouse in fighting cybercrime. He is a former U.S. Attorney in the Eastern District of New York who handled many cyber intrusion cases and previously spent six years as counsel for CA Technologies—a software provider that helps clients guard against this type of attack.
In an exclusive interview with Team 12 Investigates, Donoghue said Suffolk County's attack stands out from most others that he has seen.
"This is a very significant attack no doubt about it and it's on the upper end of the scale," Donoghue said. "Because you've got a county with 1.5 million residents, it's a much broader impact and it actually affects people's lives. That's why I'm very grateful that I can be a part of the effort to address it."
Cyberattacks have become ubiquitous. Hackers are targeting school districts, real estate agencies and local governments more often. Donoghue said there were more than 100 municipal cyberattacks in the U.S. last year.
"Many of them were very significant and dealt with millions of dollars in ransomware demands," Donoghue added. "In one way, it is of course a deep concern for the residents and leaders of the county. On the other hand, unfortunately it's becoming more and more common so we're learning how to deal with these."
The special committee is investigating the origin of the September 8 attack by gathering evidence and interviewing witnesses. A preliminary forensic report by Palo Alto Networks found that hackers initially gained entry into the county's networks by leveraging a critical security flaw in an ordinary piece of software in the clerk's systems.
Since the forensic investigation is still ongoing, we could learn of other entry points within different county departments that hackers used to penetrate Suffolk's computer system.
"It took [Palo Alto] a long time in order to have access to the clerk's office," said Kevin McCaffrey, legislature presiding officer and committee member. "It wasn't until 45 days after the initial shutdown that Palo Alto or anybody had access to the clerk's office to be able to determine what was the status of their system."
The hack continues to disrupt services and delay voucher payments to businesses that do work for the county. Individual vouchers are worth anywhere from a few hundred dollars to hundreds of thousands of dollars each.
The County Comptroller's Office has around 3,400 vouchers in the queue, but the office is inundated with late submissions from departments. Comptroller John Kennedy said some vouchers are eight months old.
"I'm receiving, on average, between 1,500 and 2,000 additional 2022 vouchers per week so this hack consequence will go on well into '23," Kennedy said. "In no way shape or form is this thing resolved."