A suspect has been arrested, according to information the executive office released Dec. 9.
“As a result of the rapid response of our employees, the damage was contained,” Principal Chief Richard Sneed said in a video statement. “However, as a result our servers are now powered down to protect our systems and data. The network will continue to be powered down until the appropriate steps can be taken to ensure the security of our network.”
Emergency services are still functioning, and all departments will continue to operate as normal within the limitations imposed by the downed network, Sneed said. The tribe’s financial information remains secure through the tribe’s financial systems software provider.
“There may, however, be a delay in services while we work with the software company to implement temporary access to that system while preserving the security of our data,” he said.
Sneed has declared a state of emergency for the tribal government as a result of the breach, and the attack is being treated as an act of domestic terrorism, he said.
“It is during trying times such as these that the character and spirit of the Eastern Band always shines through,” Sneed said. “Our community is rallying behind the dedicated professionals working to correct this issue, and I ask for continued grace as we work to restore full capacity of our tribal systems.”
It is alleged that a tribal employee who possessed security access not available to the general public carried out the attack, a press release from Sneed’s office said. The EBCI Information Technology Department became aware of the attack “immediately,” Sneed said, shut down the network and contacted the Cherokee Indian Police Department, which in turn contacted the Federal Bureau of Investigations, the N.C. State Bureau of Investigations and the U.S. Department of Homeland Security. These organizations, including the FBI’s Cyber Security Response Team, are assisting the CIPD with the investigation.
The Cherokee One Feather reported that Benjamin Cody Long, 36, was arrested in connection with the attack and charged with two felonies. He will face a felony tampering with public records charge as well as a felony obstructing government functions charge for allegedly placing ransomware on the tribal network, an action that resulted in a lock on all documents and denied users access.
Due to the attack, The One Feather will not be able to produce a print version of the paper this week, according to a Dec. 9 post to its Facebook page. Materials related to production of the paper, as well as subscription and advertising information, are inaccessible as a result of the breach. However, The One Feather’s website is operational due to a recent change in network hosts and contains PDF versions of all issues of the paper dating back to 2009.