City’s IT headache passes two-week mark
By Susan Frick Carlman and hank beckman Sun-Times Media October 15, 2012 5:08PM
The Napervile Municipal Center reflects in the screen of a laptop computer on Tuesday, October 16, 2012 showing what the user will see on the screen if they call up certain pages of the city's website after the site was hacked. | Steven Buyansky~Sun-Times Media
Updated: November 18, 2012 6:18AM
With the city’s main website down since Oct. 2, the Naperville City Council Tuesday night approved a bid of $673,000 for work to bring its system fully back online and to protect it in the future.
The council agreed to waive the normal competitive bidding process and approved without comment the bid of N-Dimensions, a Canadian computer consulting firm.
The bid includes $395,000 for hardware such as firewalls and servers and hacker detection software, $221,000 for consulting fees for network intrusion analysis and $57,000 for a consultant for network restoration.
Included in the $221,000 figure is $92,000 already paid to N-Dimensions for services performed in the days immediately following the incident.
City officials believe insurance will cover a sizable part of the expenses.
After the meeting, City Manager Doug Krieger said that the process would include redesigning the website, restoring the external email and finally, establishing the official website online.
Krieger wouldn’t speculate on what the exact features of the new city website would be, but did say that one key decision would be whether to have it controlled on actual city hardware or in a location on the Internet “cloud.”
The FBI are in the process of investigating the Oct. 2 security breach as a criminal matter. Krieger said that if it turns out that the virus was generated by a particular human being and not an automated program the city would cooperate in prosecuting the individual to the “fullest extent of the law.”
Krieger said there has not been any permanent damage to city property and that no personal information of city employees or residents has been compromised.
Naperville’s official website remains down this week, although visitors in many cases can still get where they need to go.
Officials still aren’t ready to predict how soon things will be back to normal — or even how the new norm will look.
Krieger said the cyber attack against the city was one of about a half million attempts that are made on the city website every day — but this time the hacker got through.
“We continue to have active investigations going on,” Krieger said. “We believe the intruder is a person, as opposed to an automated program.”
Investigators, he said, have duplicated portions of the hard drives most relevant to their inquiry.
“While they continue their forensic analyses on those, we are starting our design and kind of rebuilding phase,” Krieger said. “No damage to our system; however, the system being brought up online will prevent similar attacks with a similar result. Obviously, no (security) system will provide you with 100 percent surety.”
There is still no way to predict with certainty how long the site’s resurrection will take. Krieger said “operational criteria” are helping prioritize the restoration.
“First up in line will be internal email, to be followed by external email, followed by Internet access,” he said.
“And then on a separate track, a redesign and bringing a fully optioned website back up online. Right now we’re kind of running on website light.”
Some of the city site’s regular features, such as online payment of utility bills, are functioning. That and other issues are addressed on the interim page found at www.naperville.il.us.
The city’s IT staff is working “nonstop” on the problem, Krieger said.
Overtime expenses aren’t a huge concern, because those involved are salaried employees.
“But I can say that we are tracking all hours associated with the recovery, and an important part of that would be for insurance purposes,” he added.
The city has coverage designed to offset the costs of troubleshooting and initial diagnosis in the event of a cyber attack. The policy feature has been in place for a couple years, Krieger said. He surmised that, at one point, there were questions about the necessity of the additional coverage, which likely have been answered now.
The final financial impact of the attack won’t be known for a while, he said.
“The vast majority of the expenses associated with this are going to be upgrades and updates that we were going to be doing over the next couple of years anyway,” Krieger said.
Meanwhile, city staff members have grown more accustomed to using phone calls, faxes and in-person meetings to communicate.
“It’s different,” Krieger said. “I think we are burning through a little more paper than we used to, but we recycle well.”
Krieger said that residents can communicate with the city by emailing to a temporary site, cityofNaperville@gmail.com.