1 min read

Jackson County pays ransomware operators $400k to regain access to computers

Filip TRUȚĂ

March 11, 2019

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Jackson County pays ransomware operators $400k to regain access to computers

Officials in Jackson County, a rural area in the southeastern US state of Georgia, were forced over the weekend to pay hackers almost half a million dollars after a ransomware attack brought its entire fleet of computer systems to its knees.

According to statescoop.com, the county government”s entire email system was taken offline following the attack, with some departments resorting to pen and paper to conduct operations.

“Everything we have is down,” Sheriff Janis Mangum said. “We are doing our bookings the way we used to do it before computers. We”re operating by paper in terms of reports and arrest bookings. We”ve continued to function. It”s just more difficult.”

The sheriff contacted the FBI soon after discovering the incident. Details of the attack were scarce. However, county manager Kevin Poe later told OnineAthens that the county wound up paying the attackers $400,000 for the decryption keys. The ransomware strain was also revealed: Ryuk.

Ryuk ransomware has been involved in targeted attacks associated with the infamous North Korean APT Lazarus Group. Ryuk”s encryption algorithms are designed for small-scale, targeted operations. Distribution has been notoriously carried out manually by the attackers.

In related news, Columbia Surgical Specialists reportedly ended up paying a $15,000 ransom to regain access to files encrypted in a ransomware attack last week. As one incident closely followed the other, the operator is likely the same.

tags


Author


Filip TRUȚĂ

Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.

View all posts

You might also like

Bookmarks


loader