ALBANY, N.Y. (NEWS10) – The Joint Commission on Public Ethics (JCOPE) is continuing its investigation into a recent cybersecurity attack on its web application server. The commission expects its web services to be back online by the end of the week (March 11). These services include electronic lobbying reporting and financial disclosure statement (FDS) systems.
Any filings due during the outage will be automatically granted a 21-day extension. The March 15 lobbying bi-monthly report deadline has also been extended to March 31.
Information security officials at the State Office of Information Technology Services (ITS) are nearly done with their forensic review process, which tries to retrace the malicious activity step-by-step. The review has established that the incident was the result of an attack on the JCOPE Legacy Lobbying Filing System, which was used from 2005 to 2018. The system had been kept open to provide public access to those records for lobbyists to submit amendments after JCOPE audits, but the system will not be returned to service until further notice.
All underlying data that populates JCOPE systems are housed on a separate database server, and all credit card transactions are carried out by a third party- JCOPE stores no user credit card data. There is no direct evidence for unauthorized use of user information at this time.
Once the forensic review is complete, JCOPE will return its lobbying and FDS systems to service. “We expect operations to resume next week, but we will not sacrifice security and integrity in the name of speed,” said JCOPE Executive Director Sanford Berland.
The cyberattack was first discovered after a suspicious activity alert on February 21, and all systems were taken offline out of caution at that time. Early forensics suggest that the attack came in from U.S.-based public IP addresses, but nothing has been fully determined.