- The county officials have paid around $400,000 to the perpetrators, for availing the ransomware decryption key.
- All departments related to Jackson County are said to be affected by the attack.
Jackson County, Georgia was victim to a ransomware attack recently. It is reported that cybercriminals have compromised systems of all departments of the county except for telephone networks.
According to Sheriff Janis Magnum who told 11Alive, other county agencies are also believed to be impacted by the attack. As a consequence, officials have resorted to working with paper reports to do their jobs.
The big picture
- Jackson County hired a security consultant to negotiate the ransom bringing it down to $400,000.
- The ransomware was identified as ‘Ryuk’, suggesting affiliation with the infamous Ryuk group.
- Attackers were also believed to be present in the system network for weeks before the attack.
- Kevin Poe, Manager at Jackson County has told that the systems and servers were being decrypted post the incident.
- The Federal Bureau of Investigation (FBI) is currently investigating this security incident.
Reduced to phones and radio comms
Poe also mentioned that radio and phone services were unaffected by the breach. “During this whole time we never lost our radios or phone service, so 911 was able to continue to operate. The emergency medical service was on a third party provider so it had minimal impact on EMS service,” he told Online Athens.
The ransom dilemma: To pay or not to pay?
Regarding the ransom, Poe highlighted that they had to think of the impact the attack could have had if it remained unsolved for a long time.
“We had to make a determination on whether to pay. We could have literally been down months and months and spent as much or more money trying to get our system rebuilt,” Poe stressed.
This ransomware attack is the second one witnessed in Georgia. Earlier, cybercriminals successfully perpetrated a ransomware attack on government systems in Atlanta city.