At Geographic Solutions in the U.S., unemployment functions and benefits were interrupted in many states due to a cybersecurity incident. Florida-based Geographic Solutions operates employment services at dozens of state agencies. However, in July 2022 the company was forced to take its IT systems down due to a cyberattack.
The attack prevented tens of thousands of people across the U.S. from filing unemployment claims on time.
Looking into the matter for Digital Journal is Craig McDonald, Vice President of Product Management, BackBox.
McDonald begins by setting out the scale and significance of the attack: “This attack on Geographic Solutions (GSI), which forty states and Washington DC use for their HiRE websites, is another example of how cyberattacks can affect vital aspects of providing services.”
In terms of the impact, McDonald predicts: “In this case, the estimated restoration time is 72 hours and unemployment payments, at least in Louisiana, will be delayed two days before the 1st of the month when rent and other bills will be due for many Americans.” (McDonald is referring to people in the U.S.).
Further to the scale of the incident, McDonald adds: “Tennessee is suspending payments to at least 12,000 individuals because the Department of Labor and Workforce Development cannot access jobless claims data until the Geographic Solutions website is restored. Many other states including Nebraska, Iowa, Texas, and California have reported disruptions in work search capabilities or filing a claim online.”
In terms of what can be done to help address such attacks, McDonald says that data handling is important: “Just this past month CISA released a joint advisory recommending a data and systems backup plan that is isolated from the network as many ransomware variants infect recovery files.”
As a more concrete recommendation, McDonald advises: “To ensure business continuity, organizations and contractors of all sizes can proactively prevent outages and unnecessary downtime by following this guidance. Organizations can also look to leverage network security automation to ensure backups and other critical tasks like patch management and OS upgrades are executed consistently and with verified outcomes, and that the network can be restored quickly and reliably in an emergency situation.”