Argos Town Council Receives Cyber Security Update

The Pilot News Group Photo/James Master. Argos Town Council members Ed Barcus, Gary Schue, Shawn Harley, Charles Randy Snead, Erica Partin

Article submitted by James Master, The Pilot News Managing Editor

The Town of Argos kicked off its second meeting of the new year hearing the town’s cyber security report from Bob Barcus. The report highlighted some of the cyber events from the prior year.

Barcus started out by informing the council that going forward he will be providing a monthly report, something that he does for other government municipalities. He said that the report may be “overkill”, but it would be good for the council members to have the information.

“I would say that probably the first thing on there is the multifactor. That was actually a big implementation for actually just getting all of the town employees on multifactor,” said Barcus about Microsoft Multifactor Authentication. “Occasionally we have to turn it back off and then back on for certain people. And there have been a few little glitches from Microsoft in turning that off.”

Barcus stated that they work through the glitches as they occur.

“We also do a lot of monitoring as far as the emails go,” Barcus said. He told the council that they look for what they call a “security event.” They even look at the IP addresses of those events which often leads to providing Barcus with clues about whether or not an email address was compromised.

He stated that he and Utility Superintendent Jamie Lindstrom have had conversations with RTC concerning segmenting off the town’s network.

“I don’t know if you’re aware or not, but when RTC first came into town, when they built the network that the town uses, it’s called Wide Area Network, that’s caused some problems for RTC. It’s causing problems for us as well. So, we’ve been working through that with RTC to actually break that network down to the various components,” Barcus said. That would mean that every building would have its own network that’s apart from everything. “It helps prevent spreading of potential problems.”

A number of network intrusions have been blocked, reported Barcus. Network intrusions are incidents that are usually external attacks on the town’s network. Barcus informed the council that the appliances in place can monitor and block those intrusions. “Usually, it’s an external type of attack or a lot of false positives. We do get false positives because the software’s actually looking for a problem on the network, it detects something, and it automatically blocks it and then we review that ,” he said.

Barcus told the council that the Federal and state government has sent alerts out regarding the need to stay alert for certain types of attacks against municipalities and utilities. The alerts were given out, according to Barcus, due to the war in Ukraine.

“We did block an attack from a Russian IP address,” Barcus said. “We are, by default, now blocking Russia, Ukraine, Belarus, China, North Korea.”

Overall, Barcus told the council that, in his opinion, the Town of Argos is in a good position as far as cyber security goes.