Local Cyber-Security Consultant negotiates the ransom paid to the hackers.
Outside of 911 emergency systems and Georgia County’s website, all systems went offline earlier this month. On March 1st, 2019 city officials noticed systems were not working. Everything appeared to be offline and inaccessible.
With help from a local cyber-security provider, city officials were able to reach an agreement on a staggering $400,000 ransom six days after starting negotiations. Many locals wondered if this was for real. “I thought this only happened in the movies,” two locals expressed in a street-side interview. “Yeah, it’s like a crazy twisted Hollywood plot. I am glad they didn’t block the emergency services though.”
The attack forced law enforcement to act quickly. “Everything we have is down,” Sheriff Janis Mangum told StateScoop in an interview. “We are doing our bookings the way we used to before computers. We’re operating by paper in terms of reports and arrest bookings. We’ve continued to function. It’s just more difficult.”
This brings up a great point: could you operate your business if you had to manage it on paper only? Many businesses, clinics, and government offices operate entirely online. Would you be prepared if a hacker invaded your system? How would that affect your business?
The FBI was immediately notified, and within a few days of the lockout, Georgia County paid out $400,000 to the hackers in exchange for a decryption key, which allowed the IT professionals to regain access to their ransomed files.
However, it didn’t end there. When files are ransomed, they are all infected with code that must be scrubbed clean. Every workstation has to be decrypted and rebooted. Jackson County Manager Kevin Poe spoke first-hand of this in an Online Athens interview. “We had to make a determination on whether to pay. We could have literally been down for months and months and spent as much or more money trying to get our system rebuilt.”
Consider This Too:
If your business was hit with a ransomware attack, would you be in a position to deploy a multiple six-figure ransom payment to unlock your system? Or would you be forced to start from scratch? StratX IT is not one to press the fear button, but these situations are becoming more common. Cyber Armies are a reality. Hollywood continues to shed light on these attacks as they script them into modern films and storyboards. StratX IT is equipped to defend your network. We are a fully integrated cyber security managed service provider.
If you need a Cyber Army defending your network, look no further than our Managed Security Solution.
What was the Ransomware Called in this Attack?
Georgia County officials identified the ransomware as “Ryunk,” also known as Ryuk, a well-known un-decryptable ransomware strain. Ryuk is believed to be the work of an Eastern European group that has been targeting government, enterprise and healthcare networks over the past year. These guys are being pinned as “the big game hunters.” The ransomware was in fact triggered through Emotet or Trickbot malware.
How can we be sure that Georgia County made the right decision?
Atlanta, Georgia, had a similar malware infection that forced them to rebuild their IT infrastructure in 2018. The rebuild proposal began at $2.6 million and is currently over $17,000,000 into 2019.
Ransomware does not only exist in Hollywood. There are several case examples that go beyond the example posted here in Georgia County. StratX IT would be happy to answer any questions you may have about the security of your network. Just call us.
We also offer a DIY Security Assessment here, which many clients of ours felt was a safe place to start.