By Jessica Mathews/News@whmi.com


Local Democrats say the computer systems of Livingston County and cities, school districts, and townships may be threatened by a recent cyberattack on key federal agencies by Russian operatives.

A press release from the Livingston County Democratic Party says Livingston County’s servers use the Orion Platform software from SolarWinds - the same third-party software vendor that managed the servers of multiple federal agencies including the Department of Homeland Security that were hacked earlier this year and their systems exposed.

Livingston County’s Information Services department approved SolarWinds last June, despite warnings by its outgoing IT officer that the product was overpriced and had security issues. For example, SolarWinds used a password “solarwinds123” even though security experts routinely warn against using passwords that can be easily guessed. In June, the Board of Commissioners unanimously approved $68,254 for the platform. The release says the potential breach could affect election data, county financial data and 911 Central Dispatch but asserts the potential harm goes far beyond county data. It states that local municipalities use the county’s servers and network for services, meaning data of area school districts, cities, and townships could be at risk.

Chair of the Livingston County Democratic Party Judy Daubenmier commented that she’s not one to casually peddle conspiracy theories but this needs to be examined carefully and tough questions asked both about why the county went with SolarWinds and whether data has been compromised.

Articles about SolarWinds’ weak security practices were said to be provided to the county administration and IT department last December by outgoing Chief Information Officer Rich Malewicz. The release says his successor Kristoffer Tobbe, an appointee of the Board of Commissioners and current Brighton City Councilman, still chose the product. Malewicz said due to the security issues and the risk it posed, including growing dissatisfaction with SolarWinds’ cost, he instructed the temporary CIO and network manager not to renew SolarWinds in the next year. Unfortunately, he says they did not heed his instructions/warning and went on to purchase additional SolarWinds software that he vehemently opposed to an unnamed commissioner due to wasteful spending of taxpayer dollars and the incompetence of the decision to purchase.

Livingston County Administrator Nathan Burd told WHMI they’re confident that County data is secure at this time. He says when their IT Department was notified about the SolarWinds cyber security issue, they took immediate action based on recommendations by the Federal Cyber & Infrastructure Security Agency, the Multi-State Information Sharing & Analysis Center, and the Michigan State Police Cyber Security Command Center. Burd says the county’s system was thoroughly reviewed and no malicious activity has been found. The County IT Department will continue to monitor any developments regarding the SolarWinds platform.

However, not everyone is assured the issues are easily spotted or resolved. Former 8th District Republican Congressman Mike Rogers wrote in an op-ed in the Wall Street Journal that the breach was “the most significant cyber incident in American history.” Rogers, who served as Chair of the House Intelligence Committee until he stepped down from Congress in 2014, wrote that “Russian intelligence—likely the SVR, the foreign-intelligence branch—infiltrated and sat undetected on U.S. government networks for nearly 10 months.” He called it “a sophisticated, smart and savvy attack that should alarm the public and private sectors.”

Rogers continued, “We may not know the full extent of the damage for some time. What is truly scary is that the Russians are inside the house now. Who knows where they’ve planted malware, corrupted or deleted data, locked users out of systems, or destroyed systems entirely? Turning off the system and uninstalling SolarWinds software isn’t enough. It may take years and thousands of hours to unpack fully where the Russians hid themselves and their code.”

The full release is attached.