Spam attack spurs shutdown of town of Stockbridge email traffic
STOCKBRIDGE >> For more than three weeks, the Town Offices and police station were bugged by an e-mail snafu caused by an attack from a spam-generating company that seized the townofstockbridge.com domain.
The result: Google "blacklisted" the town's website, meaning that users of Google's gmail service could not receive messages or documents from town officials and the police.
"The town's domain was 'spoofed' by a spam-generator," said Howard Siegel, owner of Bug Busters Computer Services in Pittsfield, which handles the Stockbridge town government's information technology account. "The result was that Google listed the town of Stockbridge as a bad domain."
"I can't receive important e-mails and I can't respond to others that I need to, they're getting rejected, especially legal counsel," Police Chief Robert Eaton told Select Board members at their meeting last Wednesday. "It's really hindering our functions and operations at this point."
As of Friday morning, a new IP [Internet Protocol] address ordered by the town seemed to have cured the malady, Town Administrator Jorja-Ann P. Marsden reported.
Siegel confirmed that the issues had been resolved "for the most part."
An IP address is a numerical label assigned to any device such as a computer or printer that's part of a computer network using Internet Protocol for communication.
The disruption had been "very frustrating," Marsden told the Select Board. "Now everybody uses a computer or whatever, and we can't communicate with them. So, you have to pick up the phone or you have to fax them."
"It's crazy when this is the way everybody communicates and now we can't," she added. "I love talking to people but it's so much faster to do the e-mail."
According to the town administrator, though staffers at the Town Offices could receive gmail, they could not reply, nor could messages be initiated to any recipient using a Google server.
The issue was especially challenging for local government, Marsden pointed out, because Town Counsel Raymond J. Miyares of the Miyares and Harrington law firm in Wellesley has a Google server.
"We've been doing everything we can with Google to get this back up and running," she noted.
"We're paralyzed without it," Selectman Stephen Shatz said.
Siegel, the Bug Busters chief, told The Eagle that the town's web address and e-mail were "in no way compromised. No one accessed the town of Stockbridge system. Incoming e-mail was OK, but outgoing was blocked."
Asked by Select Board Chairman Charles Gillett whether the problem has surfaced in other towns, Marsden cited "a very big organization also has been having this problem."
Berkshire Health Systems has been impacted by computer malware, according to a Jan. 29 report in The Eagle, though no patient health or payment information was compromised. But, as Siegel noted, the problem there was caused by hacking rather than spamming.
"It's interesting to me that it's gone on for so long," Gillett said, referring to the Stockbridge issue. "I find it so unacceptable. It's just unbelievable to me that somebody can't fix this, we're talking three weeks." But he acknowledged that "I don't really know the ins and outs of IP addresses and servers."
Gillett suggested that emergency services in Stockbridge may have been impacted and communication within town government was definitely hampered. "It's also a huge waste of time," he noted.
Marsden observed that Town Assessor Michael Blay had to use his personal e-mail account and server to send and receive documents from Google users.
Marsden gave Bug Busters high marks for sleuthing and seeking to solve the disruption.
On Feb. 16, Siegel said, the spammers started flooding Google's server with 300,000 to 400,000 bogus e-mails. That set the Google server "on fire," so to speak, and resulted in townofstockbridge.com being "blacklisted" so that incoming and outgoing messages were "returned to sender."
He explained that the delay in resolving the problem was caused by the difficulty in reaching an individual at Google who could act quickly to remove the town of Stockbridge from the blacklist.
"Google has its own internal blacklist monitoring system," Siegel said. "What Google and others should be looking for is to verify that the e-mails are legitimate, but spammers can trick the automated system."
According to Siegel, "once we got on their internal blacklist, we did all we could but there's no one you can talk to. When you're dealing with Google, 'ASAP' does not happen."
Conceding that he was "disappointed" in Google, Siegel finally changed the IP address for the town government site, which led to Friday's apparent resolution and restoration of normal e-mail service to and from gmail users. The address was changed by Time Warner Cable, which supplies Internet service to the Stockbridge Town Offices, but that required about a week, he added.
Bug Busters serves many dozens of clients in Berkshire County, Siegel noted, including other town governments. "This was not a first-time incident in the county," he acknowledged. "If somebody really wants to get into your system, they will. The town of Stockbridge is a high-profile client."
Siegel advises clients to avoid Google e-mail if possible because "they have great products but if there's a major issue and you need human interaction, there's nobody to talk to."
Contact Clarence Fanto at 413-637-2551.
Internet safety tips ...
Here are some suggestions for reducing the risk of spamming and hacking on workplace computers:
1. Avoid browsing the Internet for anything other than business-related needs.
2. Do not use your company email for personal use, especially for buying things from online sites.
3. Do not user your business computer for Facebook, Amazon and other similar sites.
4. Remember even if you have the best firewalls and the best antivirus software, intruders can get into your system if they really want to and you can still get a virus.
5. The government and other entities such as Sony and Target can get hacked and so can you, regardless of your security protocols. If someone really wants to get into your system, they will.
TALK TO US
If you'd like to leave a comment (or a tip or a question) about this story with the editors, please email us. We also welcome letters to the editor for publication; you can do that by filling out our letters form and submitting it to the newsroom.