OMES IT unification protects state data from attack
OKLAHOMA CITY — As a ransomware cyberattack created worldwide chaos, State of Oklahoma agencies with their information technology unified under the IT umbrella managed by the Office of Management and Enterprise Services were protected and reported no disruptions in service.
Unification allows agencies to have the updated resources of Oklahoma CyberCommand that quickly detect and respond to ransomware attacks.
“CyberCommand has a specific set of technical and response capabilities to identify and respond to cyberattacks,” said Oklahoma CyberCommand Director Mark Gower. “During the latest global incident, we had zero reports of encryptions and no indicators of a compromised system due to this ransomware.”
Nonunified agencies are responsible for their own cybersecurity and typically don’t have immediate access to the updated resources available through Oklahoma CyberCommand and can therefore be more vulnerable.
“The focus of OMES to protect unified agencies against a cyberattack that brought down other systems worldwide, proves the value of IT consolidation,” said Secretary of Finance, Administration and Information Technology Preston L. Doerflinger, who is the director of OMES. “As this incident shows, misguided efforts to resist unification could lock up vital systems in a time of need or even allow the private information of Oklahomans to fall into the wrong hands.”
Ransomware is malware that installs itself on a device and holds data hostage until a ransom is paid. In 2016, CyberCommand successfully responded to about 32,000 cases of unique malware, about 750 instances of malicious activity, nearly 400 occasions of unauthorized access and two denial-of-service attacks. The state's ongoing information technology unification efforts and the OMES Security Operations Center can identify and quickly respond 24/7 to cyberattacks.
Starting Friday with the first reports of the ransomware attack known as Wannacry, OMES activated technical teams to make sure state systems were not vulnerable and to mitigate related risks to the state’s technology infrastructure. OMES technicians’ initial focus on the systems and workstations of unified agencies transitioned to include outreach to nonunified agencies and affiliates over the weekend.
“As with past threats, this current threat and any future threat, we will always take the time to validate we have the right IT and security posture to protect the state,” Gower said. “We took the weekend to review security of systems and make any adjustments we felt necessary to help guard against threats.”
The latest ransomware attack targeted current and outdated Microsoft Operating Systems for both workstations and servers, such as Windows XP. Prior to the attack, OMES had removed Windows XP, as it went out of support in 2014, and upgraded computer systems for unified agencies. Still, technicians scanned networks, applied systems patches, updated anti-virus capabilities and made changes to networks and email systems to further protect state data.
“We wanted to make sure we were protected,” Gower said. “If you heard that burglars were in your neighborhood, you would certainly want to go and check that the windows and doors were locked.”
This is the second time in recent weeks that unplanned incidents have shown the value of unifying IT with OMES. When strong storms knocked out power at the Capitol during last weekend of April, the data of unified agencies remained secure and accessible at the OMES Data Center, where generators kicked into gear almost immediately and kept the state’s data online.
“Having Oklahoma CyberCommand and other protections and redundancies in place is an important part of IT unification,” said Oklahoma Chief Information Officer Bo Reese. “Simply put, the State of Oklahoma is stronger with a unified IT infrastructure.”
Unification, legislatively mandated by HB 1304 in 2011, partners agencies with OMES to streamline and consolidate IT efforts. By the end of fiscal year 2017, 78 mandated agencies, and more than 30 voluntary (nonappropriated) state agencies, will have been brought under one IT umbrella at an estimated reduced spending and projected savings of about $130 million. The increased purchasing power of unification saved the state another $46 million in FY 16 in IT contracts.
Director of Public Affairs
(405) 522-4265 | [email protected]