Cyber-Attack on New York Ethics Watchdog

New York State’s Joint Commission on Public Ethics (JCOPE) has been forced to shut down its systems following a “deliberate malicious cyber-attack.”

The ethics watchdog, which regulates lobbying at the State Capitol, said on Friday that an investigation had been launched to determine the scope of the attack and who was behind it.

The alarm was raised at the beginning of last week by workers at the New York Office of Information Technology Services (ITS) who received an alert regarding suspicious activity on JCOPE’s network. The Commission shut down systems, including its lobbying application and financial disclosure statement online filing system as a precaution.

JCOPE said the attack was confirmed following “several days of preliminary forensic analysis by ITS.”

No timeline has been given as to when the systems will be back up and running, with JCOPE saying only that the systems will remain offline “until they can be brought back up safely.”

An investigation into the incident has been launched. However, a suspect is yet to emerge. 

“We do not have any information at this time about who may have been behind the cyber-attack, and although we do not know yet if there was an actual breach of user or other agency information, we will be working with law enforcement, including the New York State Police and the Office of the Attorney General, as well as the Department of State’s Consumer Protection Division, to further investigate this incident and meet all legal obligations triggered when a system breach occurs,” stated JCOPE.

The Commission said that it is in the process of notifying the regulated lobbying community and financial disclosure statement filers of the security incident and its impact. 

Extensions will be automatically granted for any filings due at the time of the attack and could not be submitted because of the outage. JCOPE said the period of those extensions would be determined once the systems have been brought back online.

“Our first and highest priority is the safety and integrity of the data entrusted to the Commission by the regulated community,” stated JCOPE executive director Sanford Berland.

What’s Hot on Infosecurity Magazine?