Ransomware Takes Out North Carolina County

Written by

Ransomware has severely disrupted an entire North Carolina county, forcing a return to pen and paper for tax payments, jail services, child support and more.

In a sign of the continued threat to operations that ransomware poses, news emerged this week that 48 out of Mecklenburg County’s 500 servers were infected and forced into quarantine.

Reassuringly, county manager Dena Diorio said at a press conference that the local authority wouldn’t be paying the $23,000 ransom, but instead would begin the long and arduous process of restoring from back-ups.

“It was going to take almost as long to fix the system after paying the ransom as it does to fix it ourselves,” she said. “And there was no guarantee that paying the criminals was a sure fix.”

However, over one million residents that live in the region could be affected by the outage, with many key services now offline.

These include social services — causing problems for those in need of medical transportation — electronic tax payments, community support services and even jail services.

“Please note that we anticipate a spike in the jail numbers due to the release process being slowed,” claimed a status update.

Residents in the state’s most populous metropolitan area are being urged to stay patient while digital services are restored. Health and Human Services, the court system and Land Use and Environmental Services are being prioritized, the local authority said.

The news comes as security experts warned that the increasing popularity of cyber-insurance could actually encourage more ransomware attacks.

“We find it concerning that insurers sometimes pay ransoms to recover their customers’ data,” said Corey Nachreiner, CTO at WatchGuard Technologies.

“While we understand the business decision, insurers currently have no long-term actuarial data for cyber-incidents and ransomware. It is possible that paying ransoms will encourage this criminal business model and increase the number of incidents insurers have to handle or the cost of ransoms.”

He argued that savvy cyber-criminals could even hack insurers to identify which organizations have taken out extortion insurance and then attack them directly.

What’s hot on Infosecurity Magazine?