The Chinese Computer Connection To The 2022 Suffolk Cyber Hack


There are several events in recent times that Long Islanders are not likely to forget soon — Superstorm Sandy, the Gilgo Beach killings, and the Suffolk cyber hack.

Thankfully, no one was killed in the Great Suffolk County Hack, but some 500,000 Suffolk residents were impacted.

Either their Social Security numbers were hacked or they were unable to pay parking or traffic tickets, and county civil service workers were forced to go back to the era of the 1990s, using fax machines and pencils and pens.

All this came about when computer hackers first broke into Suffolk County’s computer systems in early December 2021.

The range of the damage was not publicly disclosed by Suffolk County Executive Steve Bellone until later, on Dec. 21, when he revealed the opening of a forensic investigation into how it all happened.

He had authorized an investigation by the cyber firm Palo Alto. He blamed an organization he called BlackCat, a professional hacking outfit also known as ALPHV. 

The FBI is continuing to investigate the matter.

The Suffolk County cyber attack is far from the first hack on Long Island, where dozens of ransomware attacks and hacks in general hit local school districts. (Getty Images)

Chinese Connections to the Suffolk Cyber Hack

But now, a relatively small Mineola-based cyber software firm, RevBits, has developed a novel theory: It is “likely,” the firm says, that the hack was carried out by “Chinese criminals linked to the Communist regime.” 

RevBits’ chief executive is David Schiffer, who has decades of experience in the cyberworld and used to run Safe Banking Systems, which he said looked for “the bad guys” who tried to hack into banks.

He joined RevBits in March 2019 as chief executive officer. His chief technology officer is Mucteba Celik, who has more than 15 years' experience in cybersecurity.

The vice president of business development is Neal Hesterberg, a former FBI agent who worked on counterintelligence and in the agency’s cyber divisions.

The firm is also working with James Mulvaney, a former Newsday reporter who served as the paper’s Asia bureau chief and won a Pulitzer Prize at the Orange County Register.

Mulvaney is now a cyber consultant. 

To many, it may sound preposterous that the Chinese or criminals linked to them would want to hack Suffolk’s computer system.

But as far back as mid-April, the FBI and other intelligence agencies knew the Chinese were on some type of worldwide hacking campaign.

“According to statements made in April by FBI Director Christopher Wray, the Chinese government will stop at nothing to obtain greater wealth and power, silence any opposition, and promote its authoritarian views around the world,” according to an account in a RevBits’ white paper given exclusively to the Press.

Schiffer, 75, who lives in Melville, began noticing that his granddaughters were not receiving their grades from school.

He was puzzled.

He started seeing big bold headlines in newspapers crying out about the hacking in Suffolk. 

“I had to understand what was going on,” he said in an interview in the spacious conference room in his Mineola office. He became annoyed when the hacking delayed local election results. 

According to the white paper, “The FBI has recently warned that the Chinese government is using stolen personal identification to target Chinese nationals residing here, including U.S. citizens, as part of a campaign to export repression.”

RevBits’ white paper dug further. It says “a hacking group” known as APT41 “began storming computer systems around the globe only a few years ago.”

The paper added that “the flow could impact hundreds of millions of devices and that hackers were executing millions of attempts at intrusion.”

According to the white paper, “The hackers made initial access on Dec. 19, 2021.” The white paper said, “the group began slamming computer systems around the globe within hours.”

It said also that a cybersecurity firm, Mandiant, acquired in September 2022 by Google Cloud, has identified APT41 “as a Chinese state-sponsored espionage group” that started as a criminal rogue operation, shifting eventually to government-driven spying.

The impact on Suffolk was devastating, according to Bellone.

At a December 2022 press conference, Bellone said the hacker — whom he did not identify by name — had breached wide swaths of the Suffolk government’s system.

They had been able to virtually run the Suffolk County Clerk’s office remotely. They were able to lift entire files from computers, and stole one named “Passwords.”

They managed to get into the traffic and parking violation agency and the health department. 

They demanded $2.5 million in ransom. Bellone refused to pay.

Bellone said Christopher Naples, an IT supervisor, who county prosecutors say had hidden 46 bitcoin mining machines in the Riverhead clerk’s office, had opposed suggestions of changes and upgrades to the computer systems, allowing the hacks to take place. 

MaryKate Guilfoyle, a spokeswoman for the county, said the county district attorney’s office is investigating Naples and that she could not comment further.

Recovering from the Suffolk Cyber Hack

The county has spent $3.4 million to restore virtually all computer services and $2 million on a forensic investigation, Bellone said.

It has also hired a former U.S. Attorney, Richard Donoghue, to investigate the cyberattack.

RevBits has supporters who believe that China is responsible for the Suffolk hacks.

Ed Eisenstein, a former Commissioner of IT in Nassau County, said that “the game Russia, China and America are playing is dangerous” in that mass spying is ongoing.

“The Chinese government is interested in everything about us, including our eating patterns,” Eisenstein said. “They’re interested in our society. They’re interested in how rich people on the East End of Long Island live.”

Paul Trapani, another cyber expert, said that future warfare will be based on cyber attacks, so there is no cause to doubt China’s interest in hacking computers of local governments.

Mulvaney said RevBits had a reason for issuing the white paper. “We want the government to fix the problem,” he said. “How many warnings do they need?”
