US County's Computers Still Down Nine Days After Ransomware Attack

Written by

A county in the Pacific Northwestern state of Oregon is yet to fully recover from a ransomware attack that happened over a week ago.

Cyber-criminals hit Tillamook County in a targeted attack last Wednesday, January 22. As a result, all internal computer systems under the county government, which 250 county employees rely on, went down.

The Tillamook County website, which hosts numerous departments, was also taken out in the incident. Other network connections were disabled to contain the spread of the malware.

The Emergency Communications District’s dispatch and 911 services were not affected; however, the County Sheriff's Office has experienced some issues with its phone system and email.

County Commissioner Mary Faith Bell said that the attack was initially thought to be a storage system technical issue. It was later identified as a ransomware attack despite no initial ransom demands being made by the attackers. 

The day after the incident occurred, county officials contracted a forensic computer firm, Arete Incident Response, to investigate the attack. 

Though the potential cost of the ransom is yet to be revealed, the actions of the county earlier this week hint that the attackers may have finally issued a demand. 

On Monday, January 27, Tillamook County commissioners voted unanimously to negotiate with the cyber-attackers for an encryption key in a bid to regain control of the government's computer systems. 

Addressing the board, Information Technology Director Damian Laviolette said: "At this time, we are looking to Arete to potentially begin the process of negotiation for an encryption key for the remainder of the systems we have been unable to protect or retain the integrity of."

Bell acknowledged that paying a ransom could not guarantee the security or safe return of the data. She said: “I think the lesson is to backup absolutely everything because I think this kind of thing will become more common. There are places in the world where people are just doing this for a living.”

To keep functioning, the county has had to revert to non-digital workarounds. 

“A lot of the things like the library, we are checking books out by paper the old-fashioned way,” said Tillamook County Emergency Manager Gordon McCraw.

County phone lines were restored earlier in the week; however, no timeline has been given for when Tillamook's computers will be back up and running.

What’s hot on Infosecurity Magazine?