Ryuk ransomware Attack on Jackson county fetches hackers a whopping $400,000
The entire computer system of Jackson County, Georgia was hit by a massive Ryuk ransomware attack on March 01. Authorities confirmed that the attack has affected all the departments. This ransomware leads to a complete shut down unless the files are recovered using the decryption key.
Emails as well as emergency services were affected by this attack leaving the government in a terrible situation. Jackson county officials notified the FBI as well as hired a cyber security consultant. The consultant negotiated with the ransomware operators, and earlier this week the Georgia county paid $400,000 to hackers to get a decryption key and re-gain access to their ransomed files.
During the time in between attack and recovery, all the operation had to resort to conducting entirely on paper officials said to statescoop. According to Sheriff Janis Mangum, “Everything we have is down,” “We are doing our bookings the way we used to do it before computers. We’re operating by the paper in terms of reports and arrest bookings. We’ve continued to function. It’s just more difficult.”
County officials are in the process of decrypting affected computers and servers, Jackson County Manager Kevin Poe told Online Athens in an interview yesterday. “We had to make a determination on whether to pay,” Poe said. “We could have literally been down months and months and spent as much or more money trying to get our system rebuilt”.
Ryuk ransomware was first discovered in August 2018 by MalwareHunterTeam. Ryuk ransomware is typically used in targeted attacks executed through phishing, likely the method used in the case of Jackson County.
The county was left with no choice but to pay the ransom because of the lack of efficient data backup systems in place. Although proper data backup system and maintenance is the norm nowadays as protection from both system failures and ransomware infections, this measure is rarely seen in smaller communities such as Jackson County. So always be well prepared with the best DLP (Data Loss Prevention) tools for your organization.
