Suffolk Cyberattack Consultant Lobbies For County Cybersecurity Vendor: Report

HAUPPAUGE, NY — The consulting firm RedLand Strategies, brought in to help Suffolk's response to the Sept. 8 cyberattack, has also lobbied for a cybersecurity contractor hired by the county over three years ago to strengthen networks, presenting a potential conflict of interest, Newsday reported.

Consulting firm RedLand Strategies and founder Michael Balboni's role as state lobbyist for the company, as well as a consultant for Suffolk, could present potential conflicts of interest as the cyberattack is mitigated, security experts and a government watchdog group told the outlet.

Other computer experts also aired concerns Palo Alto Networks, which provided the firewall for Suffolk's cyberattack defense, is now the primary forensic auditor examining the breach, according to the outlet.

Balboni is not accused of any wrongdoing, according to Newsday.

Balboni, in an emailed statement to the outlet, wrote: "Redland Strategies was hired to assist the county with incident response and management for the ransomware attack in September and has not advised on the retention of any vendors.”

Palo Alto didn't respond to requests for comment about the relationship with RedLand or potential conflicts, then declined to comment on the breach, Newsday reported.

Marykate Guilfoyle, spokeswoman for County Executive Steve Bellone, told Newsday in a statement: "As the county continues to navigate the cyber intrusion, we have contracted with a number of leading industry vendors to conduct a comprehensive forensic assessment. In line with best practices, the county is continuing its rolling restoration of services and is making security upgrades to county systems to better protect against any potential future attack."

For more in Newsday, click here.

Information Technology Commissioner Scott Mastellon told lawmakers his department planned to hire more staff and security contractors and invest in hardware and software to prevent another attack, but he couldn't say how the county plans to pay for the new people and equipment, Newsday reported.

Suffolk's web-based applications were attacked Sept. 8, forcing officials to take down some of its services, including web pages and email, while they undertook an investigation. The attack has since been deemed a ransomware attack.

A cybercriminal gang named "BlackCat" has alleged responsibility, according to posts on the dark web.

County officials have previously said that the hackers responsible for the cyberattack had either accessed or acquired residents' personal information and they advised vigilant credit monitoring.

RELATED STORIES:

• Funding Questioned As Suffolk IT Head Plans To Boost Staff, Equipment
• Suffolk's IT Dept. Got Millions For Security Before Attack: Report
• Suffolk Lawmakers Form Committee To Investigate Cyberattack: Report
• Suffolk Officials Warned Of Possible Cyberattack Months Ago: Report
• Suffolk Owes $140 Million To Vendors Since Cyberattack: Report
• Suffolk Cyberattack: Title Searches Return As Property Sales Delayed
• Suffolk Hack: Residents Told Obtain Credit Report, Look Over With Care
• 'Threat Actor' Claims Responsibility For Suffolk Hack On Dark Web
• Suffolk Exec Says 'Cyber Intrusion' Has Hallmarks Of Ransomware
• After Possible Cyberattack, Suffolk Deploys Manual Record-Keeping