By Hank Russell
Video by Freddie Cain
Watch the video here: https://www.youtube.com/watch?v=TSWI5jv4OtY
The director of information technology with the Suffolk County Clerk’s office provided approximately 60 minutes of testimony at a public hearing before the Cyber Attack Investigation Committee on June 16 on the ransomware attack that took down the county’s computer infrastructure.
In his opening statement, Peter Schlussler addressed the committee and special counsel inside the William H. Rogers Legislative Building in Hauppauge. He spoke about what he felt was an unjust punishment handed down from County Executive Steve Bellone for what happened and how his warnings were constantly ignored.
“If a chief information security officer (CISO) and a remediation plan were in place, we would not be here today,” said Schlussler. “If the existing DoIT (Department of Information Technology) leadership acknowledged numerous red flags and my repeated emails, warnings and calls, we wouldn’t be here today.”
Legislator Anthony Piccirillo (R-Holbrook), the committee chair, asked why a CISO was needed. “The CISO would have overall responsibility for the cybersecurity to ensure the standard policies and procedures are in place and structured in such a way that all cybersecurity events [required] patches,” Schussler replied. “Every large-sized company, medium-sized company and government has one. Why we don’t have one, I don’t know.”
He also pointed out that the county does not have an emergency plan or insurance for protection against ransomware attacks. Piccirillo asked him who would be responsible for purchasing such insurance. He said that would be the responsibility of the CISO or the county executive.
According to Schlussler, there were approximately 60 warnings sent out between February and September 8, 2022. He also notified then-Suffolk County Clerk Judith Pascale about the attacks and urged her to contact the district attorney’s office to have DoIT leadership address the situation as soon as possible.
On June 9, 2022, the county clerk’s office put in a request to purchase a Palo Alto departmental firewall that was submitted to DoIT, but that request was denied, Schlussler claimed. “Having such a use [for the firewall] would have contained such provocation.”
On September 8, 2022, the cyberattack occurred on the county’s systems. Two hours later, the ransomware attack hit the county clerk’s office. Schlussler said that Pascale realized what happened and disconnected its system from all the outside networks; however, the DoIT did not disconnect its systems.
On December 21, 2022 — a couple of months after the breach — Schlussler was “unceremoniously removed” from his position “with no due process.” He also accused Bellone of “personally maligning my character” and warned civil servants of this “chilling” and “aberrant behavior” that is “allowed and all employees will be subject to similar vilification.”
Long Island Life & Politics reached out to Bellone’s office numerous times via email for comment. They did not respond as of press time.
Legislative Majority Leader Kevin McCaffrey (R-Lindenhurst) pointed out that the county had a Palo Alto firewall system in place that “could be configured for each department” but asked Schlussler if these firewalls were “insufficient.”
Schlussler said he wanted to use Palo Alto hardware firewalls, instead of the virtual firewalls.”The virtual firewalls would not allow me to look at the logs and the security traffic. The physical device would allow me that visibility.”
When McCaffrey asked him if he was aware that many departments were using a virtual firewall, Schlussler said he wasn’t aware until after receiving an email from DoIT about the attack.
Piccirillo was asked after the meeting regarding Bellone’s actions against Schlussler and the ransomware attack. “Hearing from both parties and finding out what the answers are — that’s what we’re here for,” he said. That’s the purpose of this committee: to find out what happened, why it happened and make sure it doesn’t happen again.”