An outside agency that oversees the city of Yachats’ internet technology system is recommending that all city email accounts move to two-factor sign-on authentication following a short-lived but successful hack into a city email account.
Facilities manager Heather Hoen’s email account was compromised about noon Feb. 4 and then used to begin a “lateral phishing attack” of contacts in her city email account, according to Laura South, a technology manager with the Oregon Cascades West Council of Governments.
Emails were sent out to various contacts in Hoen’s account. Many responded to Hoen about the unusual nature of the request to sign on to an account elsewhere and received a personal-looking email response that wasn’t from Hoen.
After being notified, South said she was able to stop it after 20 minutes by resetting Hoen’s password, disconnecting her computer and running a virus scan, which found no malware.
Hoen was given two-factor authentication for signing on to her email, requiring her to confirm on a cell phone that she is logging in.
“This trial of two-factor authentication seems to be going well and I would recommend setting it up for the other city email accounts,” South said in an email that Mayor John Moore read at a City Council meeting last week.
Dann Cutter, the technology manager for the Albany-based council of governments, said the agency will take “further measures in the coming weeks and months to harden the Yachats infrastructure” along national guidelines.
“I have started the process and making recommendations for further action going forward – as well, I will be bringing in an outside competing entity to both ground truth our actions, and to provide Yachats with an alternate source of IT support so they can make an informed and economical choice,” Cutter said in his email to the city.