Huber Heights cyber attack: Some functions restored, full upgrades weeks away

“Today, we were able to bring our finance and payroll systems back up, and we expect by Thanksgiving we’ll have our utility and tax billing up and running,” Dzik said.

City functions that still need to be restored include new building plan review, which is conducted by the fire department, and the police department is still unable to release property. Geographic information system mapping functions utilized by the engineering department also remains down as of Friday.

On Tuesday, Nov. 14, two days after the ransomware was detected by information technology employee Dan Harrison, the city purchased new devices to restore temporary operations while the investigation into the attack was underway.

These temporary accommodations will be in use until the city’s original technology can be cleaned with software reinstalled, Dzik said.

“In the upcoming weeks, we will continue installing next generation antivirus tools,” Dzik said. “The week after next, we’ll be re-emerging all city devices with the hope that we’ll be back to normal by the week of Nov. 27.”

At that point, he said, a complete rebuild and upgrade of the city’s IT infrastructure will begin. This will include installation of new firewalls, routers, antivirus software, and the replacement of any hardware on the system that provides security.

This upgrade is expected to be complete by Christmas, Dzik said, noting that 24/7 cybersecurity monitoring began Friday.

The city has been working with the FBI and the Secret Service, as well as third-party vendors, to complete the investigation and get temporary functions up and running, Mayor Jeff Gore said Friday, adding that local municipalities and statewide representatives have reached out to offer assistance if needed.

“We’ve gotten an overwhelming amount of support from lots of different agencies and we appreciate that,” Gore said. “It’s important for residents to know that when something like this happens, professionals get together, and we have opportunities to receive help. We certainly don’t take that lightly.”

While the evidence collection is complete, the investigation is still ongoing, Dzik said.

“It’s going to take two or three weeks of forensic research to determine if anybody’s information has been impacted,” he said.

The city will discontinue its daily updates on the investigation, but Dzik said new information will be released to the public as it becomes available.