NEWS

Richmond Housing Authority hit by cyber attack

Rachel E. Sheeley
rsheeley@richmond.gannett.com
Derek White at the Richmond Housing Authority.

The Housing Authority of the City of Richmond has been the victim of a cyber crime.

A group believed to be from India gained unauthorized access to the Housing Authority's computer system in late February. Using malicious malware, the unauthorized group encrypted the data, blocking the Housing Authority's access to its own information.

Although the data was made inaccessible, it isn't believed that any of the data was stolen, said Robert Unruh Sr., general manager of Eaton Computer, which provides support for the Housing Authority's computer system.

The malware operators asked the Housing Authority to pay an $8,000 ransom to regain its information, said Housing Authority Director Derek White.

White said the Housing Authority became aware of the issue Feb. 27.

RELATED: Wayne, Union counties boost cyber security

Eaton Computer was able to work with the Housing Authority to move its information to a new server and regain data that had been backed up in January.

"We lost about one month of data," White said. "It could've been a lot worse."

White said the Housing Authority never considered paying the ransom because there was no guarantee they would get all of their data back.

Efforts continue to restore data entered in February that wasn't backed up.

"We're a lot farther along than we thought we'd be, but we're not fully caught up," White said.

Eaton Computer's Unruh and Alex Knobloch, network security analyst, attended the Housing Authority board meeting Monday night to further discuss what happened and what additional steps need to be taken.

Unruh said a new replicating server was installed by Eaton Computer at no charge to the Housing Authority. He said the server now is programmed to perform daily backups of data on site and at a remote location.

Cyber security training also has been presented to Housing Authority employees and more stringent guidelines for changing passwords and using the internet are being implemented.

Unruh recommended that the Housing Authority buy a new firewall to better protect the system.

Unruh and Knobloch were unsure exactly how the malware operators obtained access to the system, but said some parts of the system were outdated and no longer as secure as they were when first installed.

Knobloch said even opening an outside webmail account, such as one provided by Yahoo or AOL, could open the system to threats. New viruses are being developed every day, Knobloch said, and could develop into problems because antivirus systems are designed to stop known issues but aren't as agile when it comes to new viruses and forms of attack.

Although no personal data on file with the Housing Authority was breached, White said some tenants have learned their private information might have been accessed through security breaches at national Department of Housing and Urban Development offices in November 2016.