A hacker attack delayed county government on Wednesday in the most populous metropolitan area of North Carolina as agents processed inmates by hand, the tax office rejected electronic payments and building code inspectors changed to paper records.
on dozens of servers in Mecklenburg County after one of its employees opened an email attachment with malicious software earlier this week. The responsible hacker, who is believed to be in Ukraine or Iran, has demanded more than $ 23,000 to re-establish access.
County manager Dena Diorio said officials had not yet decided Wednesday afternoon if they would pay the ransom and that it would take days to reset the county computer system, whether or not they did.
"If we do not pay, we have to rebuild our applications from scratch," said Diorio.
Meanwhile, county departments fought over doing business without access to digital records.
"We are slower, but we are working," said Diorio.
The county of more than 1
Computer problems have not affected the processing of emergency calls because they are handled by the city, said Mecklenburg County Sheriff's Office spokeswoman Anjanette Flowers Grube.
But it caused delays in the county jail and disrupted other county services ranging from domestic violence counseling to tax collection. Sheriff Irwin Carmichael said it would take longer to prosecute the detainees, as well as the prisoners who will be released.
Calls to the county's domestic violence hotline go directly to voicemail, so counselors review messages every 15 minutes. And the department of social services is working to recreate its daily itinerary of 1,600 trips for elderly patients with medical appointments. Recurring appointments that represent most attractions are less problematic than those of patients who make one-time reservations.
Patty Eagan, director of Social Services for Mecklenburg County, said there are "300 medical travel trips, and that's when someone scheduled a trip a week ago two weeks ago. We can not see which trips have been scheduled."
Meanwhile, payments to the tax office must be made with a check, cash or money order, and the code inspectors are slowed down by the use of paper records, according to a list of affected services.
Piracy was publicly revealed on Tuesday. A forensic examination has confirmed that 48 of the county's 500 servers were affected, Diorio said, adding that county government officials believe that hackers could not access individual health information, credit cards or social security. .
compromised servers have been quarantined, and even potentially healthy parts of the system are currently closed to prevent the spread of the malicious program, said Keith Gregg, county director of information. But without unlocking the compromised servers, the county would have to rebuild important parts of the system.
He passed the deadline on Wednesday afternoon to pay the ransom, but Diorio said the talks continue. Hackers have called for the ransom to be paid in bitcoin, a digital currency used around the world and favored by hackers because it can often be exchanged online anonymously.
A security expert said that cyber attacks against local governments are not unusual. For example, a hacking attack in late 2016 on San Francisco's public transportation system led its operators to allow free travel during part of the weekend due to data problems.
Ross Rustici, senior director of intelligence services at Cybereason, said ransomware schemes against local governments make news every two months, but often tend to be smaller rural areas. He said local governments are "easy targets" because of their older equipment and software.
He said companies and local governments often pay the ransom because other means of recovering data can be even more costly.
"Once" In that situation, you really do not have a good option, so many people and companies end up paying, "he said.