_{Thumbnail courtesy of Curry County}

Curry County is hosting a cybersecurity summit that will feature information from experts who helped the county get back on its feet from a ransomware attack that crippled its network about two years ago.

Chief Information Officer Phil Dickson told commissioners on Wednesday that he invited representatives from special districts within Curry, Coos and Del Norte counties to attend. In addition to providing information about multi-factor authentication and good backup practices, the summit hosts will conduct an assessment of every attendee’s network, he said.

“It’s not something to get you in trouble or go, ‘Oh, gotcha!’” Dickson said, adding that about 40 participants have registered to attend so far. “This is going to be a moment where we can have a baseline. What these professionals are going to do is spend 10 to 15 minutes with each individual district and say, ‘This is what I recommend you look at first, this is what I’d recommend you look at second…’”

The summit will be held May 13, 14 and 15 at the Curry County Fairgrounds in Gold Beach. The speakers will include Cybersecurity Infrastructure Security Agency representatives Christopher Ross, Jason Salfen and Leslie Kainoa as well as Mike Finch, chief information officer for Lane County, and Cinnamon Albin, Oregon’s deputy state chief information security officer.

Other speakers include Heidi Leyba, Lane Council of Governments chief technology officer, and her colleague, LCOG cybersecurity professional John Jones. Lane County Chief Information Officer Mike Finch will also be a featured speaker. According to Dickson, Finch helped get Curry County back online after its ransomware attack in April 2023.

During his presentation to the Board, Dickson emphasized various sectors that have been subject to cyberattacks in the past, including water districts, library districts, ports and healthcare districts.

Dickson also invited representatives of local fire protection districts, saying he hoped the summit would provide an avenue for them to meet their colleagues from other districts. The chief information officer used Curry County’s earthquake risk as an example as well as the possibility that the community will need aid from other areas.

“There’s going to be massive damage up and down the coast,” he said. “Along with the goal of cybersecurity, we’re wanting to put these same types of districts in their own breakout sessions so they can have a place to put a face to a name.”

An attack attributed to the Royal Ransomware Group brought Curry County operations to a standstill on April 26, 2023. Ransomware is malicious software that prevents users from accessing computer files, systems or networks and demands a ransom for their return, according to the FBI.

As a result of the attack, Curry County staff were unable to access internal documents, email, and calendars. Live streaming public meetings was impossible and the county wasn’t able to file titles and other documents.

It took help from the Oregon Department of Forestry, Klamath, Lane, Josephine and Coos county personnel, the Information Technology Disaster Resource Center, the Oregon Department of Transportation, the Oregon Health Authority, the University of Oregon and the Oregon Emergency Management Agency to get Curry’s network functional again.

Curry County also received help from CISA and Microsoft.

On Wednesday, Board Chairman Brad Alcorn, who kept the community updated during the county’s recovery in 2023, told Dickson that he has spoken about the attack at various events throughout Oregon and in other states. Most people felt that a summit focusing on cybersecurity was necessary, Alcorn said.

“Communities need to organize these types of events because this is really a foundational step to deter, prevent and protect these cyber environments,” he said.

For more information about the cybersecurity summit, click here.