To ensure no infected files remain from the cyberattack, potentially impacted DEQ servers and all employee computers have to be rebuilt. For servers, this means deleting all data and reloading the backed-up data before the attack. For employee computers this means deleting and reinstalling the operating system and Microsoft 365. Most DEQ employees do not currently have laptops and are working from their phones. Expect response times to be longer.
“Security is our main priority as we bring DEQ back online,” said Chief Information Officer Angel Gillette. “We’re putting additional measures in place to protect our staff, DEQ data and data of those we interact with and regulate.”
Some of those measures include updated security software, hardware, and “cyber hygiene” policies.
DEQ’s goal is to get all of the servers back up and operating by Friday.
“These servers housed DEQ documents, programs and systems the agency relies on to do our business.” Gillette said.
DEQ has set up an internal incident command system to establish a clear and efficient process for getting computers back to employees. DAS Enterprise Information Services is supporting DEQ in rebuilding computers and already has 400 laptops ready to send out to DEQ offices.
As previously stated, any emails sent to DEQ employees between April 9 and April 11 did not go through and are not retrievable. You will need to re-send these emails.