State officials work on partnership with counties after Fremont County cyberattack

FREMONT COUNTY, Colo. (KKTV) - After a cyberattack in August that targeted county officials, Fremont County is back open and resuming normal operations as of Monday.

Mykel Kroll, Fremont County’s director of emergency management, tells 11 News that officials are still working on small glitches left over from the attack. But he says they are also turning their focus on building a partnership with the state of Colorado so that they are better prepared for attacks like these in the future.

“I’ve been in the fire service for 15 years also,” Kroll said. “I would much rather have another natural or man-made disaster than a cyberattack.”

As Kroll recounted his experience when the BlackCat Ransomware attack happened, he said he felt unprepared.

“So that initial shock, I’ll say was pretty rough, because it felt like a personal attack, you know, on all of us, because it’s our -- it’s our county, it’s our citizens that we worked for that we help. It felt like such a personal attack,” Kroll said.

He got the initial call at 2 in the morning in late August and said he and the county’s IT director didn’t immediately know what kind of help they needed. They only knew that they needed more resources.

That’s when the state stepped in. Ray Yepes, the state’s chief information security officer, said he sent a manager from his office, to the shock of Fremont County’s staff.

“‘Why are you calling me? I’m shocked that you are calling me,’” Yepes remembered county officials saying. “That was the immediate reaction.” He continued, “This is one of the things, okay, I mean, that, in my opinion, we need to change going forward, based on this event.”

He’s referencing the relationship between the state and its counties. Kroll said defending against the attack went beyond the county’s capabilities. However, the partnership formed between him and the state was their saving grace and is something they are continuing to work on weeks later.

“This is when I decided okay, that I wanted to invest,” Yepes said. “Okay, a lot of my time going forward, and a lot of my leadership, okay, for the ‘whole of the state’ plan. And the only way to do it is by building partnerships and relationships.”

Part of this effort to create these partnerships, he said, is strengthening the “whole of the state” approach. This means creating specific task forces and internships dedicated to cyber security. Yepes said a huge focus is making sure that, should an attack happen again, counties know who to reach out to and what resources are available.

“That’s why these partnerships are so important,” Kroll said, “to have those contacts, know those faces, know the people personally, and get those resources going when you are locked out, shut out and shut down of everything.”

This specific attack targeted county officials, as well as a small number of community members.

If your information was put at risk, you should have already been notified by mail. If you have not gotten a letter, county and state officials say your information is secure.

If you still have concerns about cyber security, Fremont County has a website with resources to help you be more secure online.

Copyright 2022 KKTV. All rights reserved.