Several government agencies in the county still need to strengthen their defense against online attacks, according to the Marin County Civil Grand Jury.

In a new report, the investigative panel followed up on a review last year that identified troubles with agencies’ cybersecurity measures. The report highlighted two Marin agencies struck by cyberattacks in the past year.

The Marin Housing Authority lost $950,000 during a “phishing” attack last July, when a thief pretended to be an agency vendor and diverted money through routine transactions.

“As of the date of this report, none of that money has been recovered,” the jury said.

In March, hackers attempted more than 190,000 times within 24 hours to access the Sausalito city website. City security measures stopped the attack. The incident prompted the City Council to cancel a meeting and postpone undiscussed items.

“The threat to municipalities from cybercrime continues to be a major risk,” the jury stated.

The county had five cyberattacks on government computer systems between 2017 and 2018, including an incident where a hacker misled the county’s finance staff into wiring $309,000 into the hacker’s bank accounts, according to a 2020 grand jury report.

The grand jury reported that all 11 of Marin’s municipalities adopted or were in the process of adopting most of the cybersecurity practices it recommended in 2020. Also, the county has established the Marin Security and Privacy Council to offer cybersecurity practices and information to municipalities.

Last year, the grand jury called upon county supervisors to consider forming a cybersecurity joint powers authority. The jury said the authority could acquire and operate defense systems to resist cyberattacks.

Liza Massey, the county’s chief information officer, said the joint powers authority was not formed. Her staff met with representatives of cities and towns and found they weren’t interested.

“A few said, oh, maybe, if it’s not too costly,” Massey said. “The others said, we have our own cybersecurity programs, we don’t need it.”

In its new report, the jury said the county’s information systems technology staff supports the cybersecurity infrastructure for all county departments as well as special districts that have county supervisors serve as directors.

However, the jury noted that the sheriff’s staff supports parts of the Marin County Sheriff’s Office cybersecurity structure. The information technology systems of the Marin Housing Authority and the Marin Transit District are also not supported by the county, but rather by third-party contractors.

The grand jury said a “decentralized” approach to information systems across agencies poses challenges with security and access to data management resources.

“The grand jury recommends that by providing the county with a standardized information management process that is overseen by one functional entity, IST, the county could reduce overall cybercrime risk,” the report said, referring to the Information Systems and Technology department.

Massey said the IST office remains the county’s central department and provides cybersecurity resources for county agencies, including the sheriff’s office.

She added that her staff has been consulting with the housing authority since its security breach and helped it investigate the attack.

The grand jury made six new recommendations for county officials and agencies, including having all county departments and county-dependent special districts centralize their enterprise operating systems. It also recommends having the county IST staff oversee computer security for Marin Transit and the Marin Housing Authority.

The jury also wants the county IST staff to change all county website domains from .org to .gov. by Dec. 31 to help users better recognize government websites and emails.

“We are looking at this most recent report since it has some new recommendations, and we are formulating our responses,” Massey said.

Kimberly Carroll, the director of the housing authority, said she will directly respond to the jury’s recommendations and findings.

Marin County Supervisor Mary Sackett, president of the board, said that the county will respond to the report but declined to comment further.

The grand jury’s report is online at shorturl.at/hrHzF.