SALEM, Ore. (AP) — One week after an Oregon county was hit by a cyberattack, the county computers remain unplugged while a cybersecurity firm tries to negotiate with criminals who deployed the ransomware, a county official said Wednesday.
Tillamook County Sheriff’s Lt. Gordon McCraw, who is the county emergency manager, said the outage is creating the most havoc for the taxation and clerk’s offices in the coastal county, which are more reliant on computers.
“Department heads are of course unhappy that they can’t do things the way they used to,” McCraw said in a telephone interview.
Customers have been checking out books from county libraries the old fashioned way, with paper and pen, instead of scanning them, McCraw said.
It’s not clear if a ransom demand has been made, but McCraw said the county needs an encryption key to access all the data that the criminals encrypted. A study determined that it would take 12 years to decrypt all the data without the key.
Ransomware is malicious software that encrypts a system, effectively locking out its users. The attackers promise to decrypt the information with a decryption key if they are paid.
The county reported the attack to its cyber insurance carrier. Arete Advisors, a cybersecurity company based in New York, has been engaged to oversee an investigation and coordinate with law enforcement and “is negotiating with whoever encrypted our filed,” McCraw said.
It was not clear if a ransom demand has been made, or if Arete has established contact with the criminals. The company did not immediately respond to a request for information.
The city government said in a statement on Jan. 22, the day of the attack, that its phones and some emails and computers were still offline, affecting all departments, including city hall, the library, public works and police. Emergency 911 phone number and non-emergency dispatch lines were unaffected. The phones were affected because they are so-called VoIP devices meaning they use the internet.
In 2019, 113 state and municipal governments and agencies, 764 healthcare providers, and 89 universities, colleges and school districts in the United States were hit by ransomware attacks, said Brett Callow, threat analyst at Emsisoft, a company that produces software to protect computers against attacks. The numbers came from a compilation of press reports and help requests the company received, Callow said.
Follow Andrew Selsky on Twitter at https://twitter.com/andrewselsky