The Oklahoma Corporation Commission website remained offline Monday, more than one week after a hacking attack knocked the agency’s computers offline.
Some email and internal file-sharing capabilities have been restored, but most external communications still were down late Monday.
“There’s been a lot of improvisation. You work with what you have,” Corporation Commission spokesman Matt Skinner said. “We have court every day in Oklahoma City and Tulsa, and that has continued.”
Field agents have been able to continue using their state-issued laptop computers, although some of the reports and information cannot be filed until the computer system is restored, Skinner said. Field agents and other staff are using voice calls and text messages to help stay in contact during the ongoing outage, he said.
The Corporation Commission website is used by companies throughout the state to file reports such as intents to drill and other oil field information and for companies and individuals to know about ongoing and planned drilling and other projects.
The state Office of Management and Enterprise Services and Cyber Command has spent the past week analyzing the attack and repairing the damage. Some systems began returning online Thursday and Friday, OMES spokeswoman Shelley Zumwalt said.
“The majority of the systems are up and running,” Zumwalt said Monday. “The remaining systems are going through the user validation process right now to make sure everything is working properly.”
Zumwalt said the website information is fluid and that it is difficult to predict when it will be restored.
Oklahoma Cyber Command is designed to continuously monitors the state’s data and computer infrastructure against unauthorized data use, disclosure, modification, damage and loss.
Cyber Command’s goals include preventing cybercrimes, identifying threats as quickly as possible and controlling exposures, responding to incident and restoring public services.
For years, each state agency was responsible for operating its own computer system and each agency had its own information technology employees, with varying levels of expertise, who were responsible for keeping data secure and combating cyber attacks.
A massive consolidation effort centralized much of the responsibility for state computer operations under the umbrella of the Office of Management and Enterprise Services.