WEST CHESTER, Ohio — West Chester Township said it was notified of a potential cybersecurity breach Tuesday morning.
Township officials said they were alerted that a "malicious hacking group" appeared to have targeted their central email server. The attack is the second time the same group has targeted the township in the past month, officials said. The first attack was on Aug. 12.
At this time, the township says there is no evidence that data has been stolen.
Since the first attack, West Chester said it has been working with the FBI Internet Crime Complaint Center, legal counsel and cybersecurity experts to "investigate the incident, strengthen our defenses and respond to the potential threat."
"A forensic analysis has been initiated into the attack, and steps have been taken to protect critical systems and sensitive data," township officials said.
Watch: Cybersecurity experts say local governments have been new targets for cyber attacks
The news comes a week after Middletown announced a cybersecurity incident that impacted several city functions. Officials did not say if any personal information of city officials or residents was accessed in the cybersecurity incident. However, in-person services for things like public records, utility billing, income tax and public health were shut down due to the disruption.
"Please be patient as the city navigates this unfortunate situation," Middletown officials said at the time.
Days later, some services reopened to the public, but emails, phones and website services were still unavailable.
It is unclear at this time if both West Chester and Middletown were attacked by the same group.
We spoke with two different cybersecurity experts, Richard Harknett and Mark Schnitter. Both said that cities are becoming a bigger target for cyber-criminals.
“They typically don’t have the same type of resources, you know, whether it be financial or people, that larger entities like Fortune 500 companies have,” said Schnitter, who is the CIO of Nexigen, a Newport-based IT firm.
Harknett, who is the director of the Center for Cyber Strategy and Policy at the University of Cincinnati, said another reason is that local government provides public services to residents.
“What the criminals are hoping is ‘hey, I don’t want my citizens to suffer, so I’ll pay that ransom,’” Harknett said.
But there are ways for local governments to protect their data and servers, including a free class for local governments by the Ohio Cyber Range Institute called the Ohio Persistent Cyber Improvement for Local Government.
Currently, the institute is teaching over 10,000 public employees how to prevent a cyberattack and what to do if one strikes.
While citizens can’t do much when it comes to preventing cyberattacks on their city, there are things they can do to protect themselves.
Schnitter and Harknett said to use multi-authentication when it’s available, use different and strong passwords for accounts and implement a credit freeze or regularly check your credit score to make sure no one is messing with your bank account or social security.
West Chester said it will share updates on the incident as more information becomes available.
