For the first time in more than a month, Rocky Mount taxpayers are going to hear an update in the aftermath of the cyberattack on the city’s computer network.
New City Chief Technology Officer Gregory Cotten is going to make a presentation during a City Council work session set to start at 5 p.m. Monday in the council chamber.
The last time the public heard specifics was during a news conference on Sept. 2 led by City Manager Rochelle Small-Toney, City Finance Director Amy Staton and Mayor Sandy Roberson.
What was disclosed was a person or persons hacked the city’s computer network by using ransomware — and the municipality refused to make a payment for the return of information.
Staton told reporters the demand was for Bitcoin payment in return for a tool that would decrypt the encrypted files and any data the hackers may have taken.
Cotten, in documents provided as part of Monday’s work session agenda, said there are multiple opportunities for changes.
Specifically, the documents said they include training city employees in and keeping them aware of cyber security.
The documents said recommended changes presently are in various stages — complete, underway or recommended to be done.
The documents said the changes should include updating the city’s acceptable use policy.
The documents said the policy should include incorporating the use of email and mobile devices such as smartphones and laptop computers, prohibiting the use of personal devices on the city’s network and having controls for remote desktop access.
Remote desktop access is the ability to link up with a workplace computer from one’s home or while traveling.
Generally, an acceptable use policy covers issues regarding the rights, responsibilities and privileges of using computers in the workplace.
The documents, as part of the council work session agenda, also said the changes should include creating computer password policies to include using special characters, this so hackers cannot gain entry.
And the documents said the changes should include changing passwords every 90 days and prohibiting the sharing of passwords with others.
The city administration said the network disruption was first detected on Aug. 14 and said city staff and the city’s technology partners immediately responded.
The Telegram, for a story published on Aug. 19, reported that police were having to fill out incident and offense reports by hand and that the city’s system to enable a customer to pay his or her bill online was not functioning.
The city’s Facebook page said customers could use the drive-up service at the Business Services and Collections location along South Franklin Street and pay bills with cash, check or money order.
Cotten began working for the city on Sept. 21 after the city administration had been unsuccessful in filling what was a newly created position to highlight and expand the city’s technology assets.
The rest of Monday’s council work session agenda includes a discussion about council members’ requests to Small-Toney and her staff for information.
The work session agenda also includes a presentation by Staton and Candice Kirtz about the minority- and women-owned business enterprise program. Kirtz is the purchasing manager in the Finance Department’s purchasing division.
The work session agenda also includes going into a closed session, with the council citing the attorney-client privilege exemption to the State Open Meetings Law.
The work session is going to precede the 7 p.m. council regular meeting.