Industry News

Jackson County pays ransomware operators $400k to regain access to computers

Officials in Jackson County, a rural area in the southeastern US state of Georgia, were forced over the weekend to pay hackers almost half a million dollars after a ransomware attack brought its entire fleet of computer systems to its knees.

According to, the county government’s entire email system was taken offline following the attack, with some departments resorting to pen and paper to conduct operations.

“Everything we have is down,” Sheriff Janis Mangum said. “We are doing our bookings the way we used to do it before computers. We’re operating by paper in terms of reports and arrest bookings. We’ve continued to function. It’s just more difficult.”

The sheriff contacted the FBI soon after discovering the incident. Details of the attack were scarce. However, county manager Kevin Poe later told OnineAthens that the county wound up paying the attackers $400,000 for the decryption keys. The ransomware strain was also revealed: Ryuk.

Ryuk ransomware has been involved in targeted attacks associated with the infamous North Korean APT Lazarus Group. Ryuk’s encryption algorithms are designed for small-scale, targeted operations. Distribution has been notoriously carried out manually by the attackers.

In related news, Columbia Surgical Specialists reportedly ended up paying a $15,000 ransom to regain access to files encrypted in a ransomware attack last week. As one incident closely followed the other, the operator is likely the same.

About the author


Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware and cyber-security, and has worked in various B2B and B2C marketing roles. Filip currently serves as Information Security Analyst with Bitdefender.

1 Comment

Click here to post a comment
  • Are these people not making off-line backups? Why in God's name would they pony up that much tax-payer money ?