Sunday, 19 August, 2018

Server files held for ransom by hacker, Meck. Co. manager says

Mecklenburg County Manager Dena Diorio talked to reporters Wednesday about this week's hacker attack on county servers Mecklenburg County Manager Dena Diorio talked to reporters Wednesday about this week's hacker attack on county servers. David Boraks WFAE
Nellie Chapman | 06 December, 2017, 20:38

In September, it happened to Montgomery County, Alabama, and it paid thousands of dollars in ransom to hackers in order to recover stolen government data, according to the political website The Hill.

On 5 December, the government for Mecklenburg County, North Carolina informed its Twitter followers that it was "experiencing a computer-system outage".

A criminal who infected the computer systems of Mecklenburg County with ransomware has demanded a ransom payment of $23,000 for the decryption key.

Diorio told county commissioners in a meeting that the files were being held for ransom as the hackers were demanding 2 bitcoins, which is now worth nearly $25,000 (at the time of this article's writing).

As of late Wednesday morning, county staff was working to determine whether the hacker was demanding two bitcoins for the information on each of the 30 servers or whether the demand was for two bitcoin for each file on the 30 servers.

The shutdown is affecting email, printing and other county applications, including the ability to conduct business at most county offices.

Each County department is activating its Continuity Of Operations Plan, which is created to address situations like this.

In a report from WSFA, Montgomery County officials said the backup servers were more than 90 percent full and they planned to wait until the next budget passed to upgrade the servers. It's unclear at this time how many county employees received the email.

Thursday, they will release a list of services that won't be available to the public because of the hack. Law enforcement is not involved at this time.

Diorio said the county hadn't ruled out paying the ransom, but understood that could be risky. The hackers demanded $35,000 in the electronic currency bitcoin, but the library refused to pay. While paying the ransom may be the only way to obtain the decryption key, there is no guarantee the hackers will honor their commitment and provide the key.

There is no estimated time on when the computer systems will be back up and running.

Chaney says her department takes extra precautions to make sure they don't have the same issues.

"They want people to know if you pay them, they will give it back", Puckett said.