Russell Township Police Email Disruption Halted Communications for Nearly Two Months

Written by: Lore Apostol, Cybersecurity Writer
Key Takeaways
  • Prolonged Disruption: The Russell Township Police Department's email was blocked for nearly two months last year following a suspected cyber intrusion.
  • Intrusion Indicators: Geauga County detected unusual DNS lookups associated with Russia and Spain originating from police endpoints, prompting the domain block.
  • Operational Impact: This forced the department to use manual workarounds to communicate with the prosecutor's office and courts.

A response by Geauga County IT officials to a suspected cyber incident led to a prolonged email outage for the Russell Township Police Department in Ohio. On September 8, the county's Automatic Data Processing (ADP) board blocked the department's “russellpolice.com” domain after security tools flagged anomalous network activity.

County officials cited a "zero-trust" security posture to contain the potential threat and prevent it from spreading to interconnected county systems, including the Spillman records management system.

Potential Ohio Cybersecurity Incident Triggers Email Shutdown

Reports citing an October ADP meeting say it revealed that the activity included DNS requests linked to Russia and Spain, while the pattern pointed to a potential Microsoft 365 Direct Send issue.

The incident, which reportedly involved police department machines, including a mobile data terminal and a school resource officer's laptop, sparked a disagreement between county officials and the police department's IT contractor, Simvay Systems. 

While the ADP board viewed the activity as a potential compromise, Simvay argued the indicators pointed to an MFA configuration issue rather than a malicious intrusion. 

“Instead of owning up to their mistake, being professional with our ADP staff and working towards a solution, (Simvay) immediately wants to launch into accusations and then they prepare a report [...] saying that that one of our employees is unethical, which that particular employee has, has been an exemplary employee, in my view, for ADP,” said Geauga County Prosecutor Jim Flaiz, who also sits on the ADP board.

Operational Fallout

Despite the debate, Police Chief Tom Swaidner reported significant communication challenges with the sheriff's office, the prosecutor, and the courts, forcing the department to revert to manual processes, such as hand-delivering sensitive information, Geauga County reported. 

The county board maintained the block until it received sufficient evidence of mitigation, which coincided with an "election lockdown" period.

Service Restoration and Regional Context

After approximately two months, the police department restored its email services by transitioning to a new .gov domain in early November. This Ohio cybersecurity incident is part of a broader trend of cyber events impacting local governments across the state. 

A cybersecurity incident at the third-party data migration firm Whitebox Technologies, which supports multiple agencies nationwide, may have impacted the Anchorage Police Department (APD) in Alaska.

In October, TechNadu reported that threat actors leveraged a Microsoft 365 Direct Send exploit to conduct phishing campaigns and business email compromise (BEC) attacks. Recently, Microsoft announced that it had seized the infrastructure of the RedVDS platform, a significant source of malicious activity that primarily facilitates payment diversion fraud and BEC schemes.
