Many municipalities hit by cyber stick-ups

Dozens of Massachusetts municipalities have been targeted by ransomware attacks — cyberattacks on computer systems that are designed to extort money.

A shocking investigation from NBC 10 Boston found that many municipalities have been attacked and at least 10 municipalities have ponied up the cash, all of it taxpayer money. Many of the payments have been in the form of bitcoin — an encrypted, digital currency that experts say is “all but impossible to trace.” The ransom payments ranged from $300 to more than $11,000.

Ransomware is software intended to damage a computer system and often steal data. Hackers use it to take advantage of computer networks that aren’t as secure as they could be.

The analysis from the station’s Ryan Kath and Jim Haddadin shows one in six Massachusetts communities have been hit by these attacks.

Lt. James Graham of the Bedford Police Department described the moment two years ago when he saw an ominous message on his computer screen, telling him hackers had seized control of the department’s electronic records. “It was heartbreaking when I first saw it,” Graham recalled. “I’m like, ‘Oh, we’re done.’” As a result, dispatchers couldn’t log any new incidents in the records management system. The department ended up having a backup system, that restored the missing files in a few hours. But other law enforcement agencies were not so lucky.

In a South Coast town, a police officer ended up paying $4,600 out of his personal bank account because the department couldn’t get money together to pay the hackers in time. The town eventually reimbursed him. In Douglas, police paid $750 in ransom money but lost almost a week of police logs, which they had to recreate from arrest and crash reports. Athol’s police department was also hacked, and it took months for the agency to reassemble its data.

David Farrell, assistant special agent in charge of counterintelligence and cyber programs at the FBI’s Boston office, said ransomware is one of the agency’s top cyber security concerns.

Police departments aren’t the only ones being hacked. Just a few days ago, a physician organization affiliated with Boston Children’s Hospital said it was hacked, the Boston Business Journal reported. The Pediatric Physicians’ Organization at Children’s said it experienced a malware incident that caused a system-wide outage that affected 500 primary care physicians, assistants, and nurse practitioners statewide.

Educational institutions are also at risk. The Leominster School District and Bay Path Regional Vocational Technical High School were victimized by cyber and ransomware attacks. Leominster paid $10,000 in bitcoin ransom in 2018 that came out of the school’s general fund because the incident wasn’t covered by any insurance.

The state’s Office of Consumer Affairs and Business Regulation urges all of its licensees to develop cybersecurity plans and update them regularly. The Department of Homeland Security offers a digital toolkit for small businesses, educators, and industry professionals who are trying to figure out how to beef up security. According to a 2018 report from a special Senate Committee on Cyber Security Readiness chaired by Worcester Sen. Michael Moore, the state is following a 13-year-old cybersecurity plan.

The Massachusetts Executive Office of Technology Services and Security also developed a set of strategic priorities for cybersecurity in the executive branch. That’s the most recent update, and it only applies to the top-tier of the state’s government.

“Massachusetts, typically a trailblazer in technological policy, is currently lacking in its cybersecurity plans and tactics. Several other states have successfully implemented cybersecurity plans for both their public departments and private companies conducting business within their state,” said a report issued by the special Senate committee.

Moore and Needham Sen. Becca Rausch are currently sponsoring a bill that would establish a 13-member Cybersecurity Control and Review Commission that would recommend standards for cybersecurity measures for state data. Private sector businesses contracting with state agencies would be required to adopt those rules. A bill filed by Rep. Shawn Dooley of Norfolk would create a similar body in the House of Representatives.

SARAH BETANCOURT


Massachusetts is facing a transportation crisis. Roads, bridges, and transit statewide urgently need investment. The gas tax, which has increased by only 3 cents since 1991, is a proven, stable, and immediate solution to make our commutes better. Learn more at www.t4ma.org/progress.


BEACON HILL

The Senate passes a mental health parity bill. (CommonWealth)

Massachusetts is facing a big hit from proposed federal changes in Medicaid. (State House News)

Gov. Charlie Baker signs into law a bill creating a caregiver abuse registry. It’s named after Nicky Chan. (CommonWealth)

A Herald editorial urges Gov. Charlie Baker to maintain his stance against granting undocumented immigrants driver’s licenses as a bill to do that advanced out of a legislative committee. Baker talked TCI, MBTA construction and the Drivers License Bill on “Ask The Governor.” (WGBH)

Lawmakers seem poised to take up several bills updating the state’s marijuana laws — but Baker’s “anti-stoned driving” bill will not be one of them. (Boston Globe)

Should Massachusetts politicians be allowed to use campaign funds to pay for child care? A commission takes a closer look. (MassLive)

Sex ed “class” briefs lawmakers on curriculum proposal. (Telegram & Gazette)

MUNICIPAL MATTERS

Boston officials are working to quell fears and misinformation about the coronavirus in Chinatown, where business is way down in shops and restaurants. (Boston Globe) Meanwhile, in Worcester, Chinese restaurants are relying on customers to be educated. (Telegram & Gazette)

Explosions rock a Newburyport pharmaceutical factory. (The Eagle-Tribune) OHSA, EPA report PCI has record of violations. (Gloucester Daily Times)

WASHINGTON/NATIONAL/INTERNATIONAL

Attorney General William Barr said tweets about Justice Department matters from the Oval Office “make it impossible for me to do my job” and declared that he won’t “be bullied or influenced by anyone,” a stunning broadside against President Trump by a member of his cabinet. (Washington Post)

State Rep. John Barrett III of North Adams lauds US Rep. Richard Neal for his mediation plan to deal with surprise medical billing. Neal has been criticized by others for blocking legislation that would have dealt with the problem differently. (Berkshire Eagle)

ELECTIONS

Democratic activist Liam Kerr tells Bernie Sanders to clamp down on the “bros,” who are getting out of hand. (CommonWealth)

Democratic strategist Dan Cohen sorts out the various theories about viability in the race for the Democratic presidential nomination and says pundits have it wrong in declaring it an either-or matter of boosting turnout or winning swing voters. (CommonWealth)

Elizabeth Warren slammed Michael Bloomberg in her first event since a disappointing fourth-place finish in New Hampshire, saying comments he made in 2008 about mortgage redlining should disqualify him from being the Democratic nominee. (Boston Globe) Former Boston police commissioner Ed Davis will chair Bloomberg’s Massachusetts campaign. (Boston Herald)

Critics target Elizabeth Warren for accepting a $3 donation from ‘broke college student’ (MassLive)

MIT: Hacker could alter ballots in widely used voting app. (AP)

BUSINESS/ECONOMY

Online furniture retailer Wayfair laid off 350 workers in Boston as part of a company-wide downsizing that will shed 550 jobs globally. (Boston Globe)

The Fall River Redevelopment Authority sanctioned the submission of two applications totaling $700,000 to advance economic development for the city. (Herald News)

EDUCATION

A Globe editorial urges state education commissioner Jeff Riley to leave the threat of state takeover of the Boston schools “on the table” to force the district to make meaningful reforms.

Katherine Newman dropped out of the race for UMass Boston chancellor, but she lands a newly created position in UMass President Marty Meehan’s office. (Boston Globe)

American International College is offering a master’s degree in cannabis science, the first of its kind in the region. (MassLive)

HEALTH/HEALTH CARE

For Mass. pharmacies, the largest amount of drug spending came from anti-inflammatory medicine, a study suggests (MassLive)

DEA agents raided the Newburyport office of controversial psychiatrist Keith Ablow. (Salem News)

ARTS/CULTURE

The Bay State Banner reviews The Huntington Theatre Company’s production of “Sweat,” a story of lifelong residents of a factory town whose lives are impacted when a local plant shuts down.

TRANSPORTATION

Funding to replace the Sagamore and Bourne bridges is not included in President Trump’s fiscal 2021 budget or the US Army Corps of Engineers’ fiscal 2020 work plan. (Cape Cod Times)

ENERGY/ENVIRONMENT

Mineral in concrete puts houses at risk of foundation failures. (Telegram & Gazette)

CASINOS

“Performing below our expectations”: Outgoing MGM Resorts CEO Jim Murren offers real talk on Springfield casino. (MassLive)

CRIMINAL JUSTICE/COURTS

The superintendent of the Souza-Baranowski Correctional Center defends his lockdown of the facility in the wake of an attack on guards, saying he was following protocols for such situations. (CommonWealth)

The Massachusetts Society for the Prevention of Cruelty to Animals has filed a complaint against a Freetown woman after finding and rescuing emancipated dogs and goats on her property. (Standard-Times)

A Suffolk Superior Court judge says he’ll decide next week whether the Muhheconneuk Intertribal Committee on Deer Island has the right to intervene in an ongoing fight between Quincy and Boston over rebuilding a bridge to Long Island. (Patriot Ledger)