Town email addresses are changing as part of cybersecurity effort

Editor’s note: this story was updated on Feb. 10 with information about library, school, and Parks & Rec email addresses.

Lincoln is in the process of changing all town officials’ email addresses, though the old ones will still be auto-forwarded for the foreseeable future.

Official Lincoln email addresses now end in the “lincolnma.gov” domain rather than the old “lincolntown.org,” though the first part of the address identifying the recipient will stay the same. For example, Town Administrator Tim Higgins will change from higginst@lincolntown.org to higginst@lincolnma.gov.

The Lincoln Public Library uses the Minuteman Library Network domain (@minlib.net) and that won’t change. The Parks and Recreation Department and the Lincoln Public Schools both use the @lincnet.org domain and will continue to use @lincnet.org addresses for the time being, although they will eventually transition to lincolnma.gov once the new community center is up and running. 

“We’re making the change so our [email address] domain accurately reflects that we are a government institution. The new domain will also give us some flexibility in responding to cybersecurity incidents and hopefully some priority in restoring connectivity,” said Michael Dolan, director of information technology.

Lincoln has had two cybersecurity incidents since 2016, affecting individual computers in Facilities and Public Safety, Dolan said. In both cases, he cut off access to the server and restores the files that had been maliciously encrypted. The second ransomware attack was limited to a vendor’s local account on that workstation, “and we have since severed ties with that vendor, he said.

Neither attack involved any information being gleaned from the town information systems such as residents’ personally identifying information, Dolan said.

Since those attacks, “our current security posture is more robust,” he said. New measures include town employee training on cybersecurity awareness and an incident response exercise last year involving key finance, public safety, school, and town administration officials.

The town also has a managed detection and response system that’s monitored 24/7 by a third party that goes beyond checking for malware on individual computers by looking for unusual network behavior. Finally, the town’s backup system is a non-Windows platform that is electronically disconnected from the main network, and backup is only accessible using two factor authentication limited to two accounts, Dolan said.

A $5,200 Municipal Local Cybersecurity Grant in 2024 helped pay for the domain change as well as other services.

Dolan has discussed cybersecurity with Lincoln’s insurance carrier and other cities and towns, “and the biggest issue amongst the communities was the cost of these services,” he said. “While it may cost more in the long run to not have the proper security measures in place, it is difficult to squeeze these infrastructure upgrades into our capital budget requests as our systems need to respond to a threat landscape that changes constantly. I usually seek a grant to absorb some of these costs but the ongoing financial impact after the systems are implemented put a significant strain our operational budgets.

“Finally, as many services and applications are now cloud-based or centrally managed, we rely heavily on the security practices of third-party entities,” Dolan continued. “Over the years, we have seen many successful attacks on larger organizations that spend far more on their security posture than our town. I think all the municipal IT managers are of mindset that it is not a question of if, only when.”