clear
Monday December 11th, 2017 9:31PM

North Carolina county's ransomware recovery will take days

By The Associated Press
Related Articles
  Contact Editor

A North Carolina county was working Thursday on the lengthy process of fixing its computer systems after refusing to pay off a hacker who used ransomware to freeze dozens of local government servers.

It will take days to restore Mecklenburg County's computer system, local officials said, leaving residents in North Carolina's most populous metro area facing delays or disruptions to county services. Deputies were processing jail inmates by hand and building code inspectors switched to paper records after a county employee unleashed the malicious software earlier this week by opening an email attachment.

County manager Dena Diorio said late Wednesday that the county will not pay the $23,000 demanded by the hacker believed to be in Ukraine or Iran. Diorio said it would have taken days to restore the county's computer system even if officials paid off the person controlling the ransomware, so the decision won't significantly lengthen the timeframe.

"I am confident that our backup data is secure and we have the resources to fix this situation ourselves," said Diorio. Describing county services, she said: "We are slower, but we are up and running."

The county of more than 1 million residents includes Charlotte, but the city government appears not to have been compromised by the attack. The state's largest city issued a statement that its separate computer systems have not been affected and that it severed direct connections to county computers.

The computer problems haven't affected the processing of emergency calls because they are handled by the city, said Mecklenburg County Sheriff's Office spokeswoman Anjanette Flowers Grube.

Such attacks are becoming more common — and more sophisticated. A security expert said he reads about a local government being targeted every couple of months. For example, a hacking attack in late 2016 on San Francisco's mass transit system led its operators to allow free rides over part of a weekend because of data problems.

Ross Rustici, senior director of intelligence services at the firm Cybereason, said local governments are "easy targets" because of their older equipment and software. Paying the ransom can often be cheaper than other ways of recovering the data.

"Once you're in that situation, you really have no good option, so a lot of people and companies end up paying," he said.

The North Carolina cyberattack has caused delays for the Mecklenburg County jail and disrupted other county services ranging from domestic violence counseling to tax collection. Sheriff Irwin Carmichael said it's taking longer to manually process arrestees, as well as inmates due to be released.

Calls to a county domestic violence hotline are rolling straight to voicemail, so counselors are checking messages every 15 minutes, officials told reporters. And the social services department is working to recreate its daily itinerary of 1,600 rides for elderly patients with medical appointments. Recurring appointments that account for most of the rides are less of a problem than those for patients who make one-time reservations.

Meanwhile, payments to the tax office must be made with a check, cash or money order, and code inspectors have been slowed down by having to use paper records, according to a list of affected services.

Diorio said county computers began to suffer Monday from the attack, which was publicly revealed the next day. A forensic examination shows 48 of the county's 500 servers were affected, Diorio said, adding that county government officials believe the hacker wasn't able to gain access to individuals' health, credit card or social security information.

The compromised servers have been quarantined, and even potentially healthy parts of the system were shut down to avoid spreading the malicious program, said Keith Gregg, the county's chief information officer. But without getting the compromised servers unlocked, the county will have to rebuild significant parts of the system.

Diorio said county technology officials will use backup data from before the ransomware attack to restore the system, but the rebuild will take "patience and hard work."

___

Follow Drew on Twitter at www.twitter.com/JonathanLDrew .

  • Associated Categories: U.S. News, Associated Press (AP), AP National News, Top U.S. News short headlines
© Copyright 2017 AccessWDUN.com
All rights reserved. This material may not be published, broadcast, rewritten, or redistributed without permission.
North Carolina county's ransomware recovery will take days
A North Carolina county is working on the lengthy process of fixing its computer systems after declining to pay off a hacker who used ransomware to freeze dozens of local government servers
4:05AM ( 2 minutes ago )
On Jerusalem, Trump delivers for supporters at home
President Donald Trump's move to recognize the divided city of Jerusalem as Israel's capital was an effort to make good on a campaign pledge
4:00AM ( 7 minutes ago )
Franken faces fresh accusations, weighing his future
Minnesota Sen. Al Franken appears on the verge of resigning after fellow Democrats led by female senators abandoned him over mounting allegations of sexual misconduct
3:58AM ( 9 minutes ago )
Associated Press (AP)
AP Exclusive: Poor health and high expectations for Medicaid
AP Exclusive: People on Medicaid have worse health, but a new survey finds they're invested in improving
3:33AM ( 35 minutes ago )
California wind, and fire danger, hits unprecedented high
Southern California wind warning reaches unprecedented purple or "extreme' level, pushing wildfire danger into uncharted territory.
3:29AM ( 39 minutes ago )
N. Korea says war is inevitable as allies continue war games
North Korea says a nuclear war on the Korean Peninsula has become a matter of when, not if, as it continued to criticize a massive joint military exercise between the United States and South Korea
2:46AM ( 1 hour ago )
AP National News
Bel-Air wildfire joins the siege across Southern California
A wildfire has erupted in Los Angeles' exclusive Bel-Air section as one corner of Southern California after another finds itself under siege from an outbreak of wind-whipped blazes
12:08AM ( 3 hours ago )
Lawmaker says she accidentally brought gun to Denver airport
Police say the gun that a Colorado state lawmaker brought to Denver International Airport was loaded with four rounds in its magazine
12:01AM ( 4 hours ago )
The Latest: California fire grows and worst may be coming
The largest and most destructive wildfire in Southern California has grown to 140 square miles and fire officials say the worst may be yet to come
10:59PM ( 5 hours ago )
Top U.S. News short headlines
On Jerusalem, Trump delivers for supporters at home
President Donald Trump's move to recognize the divided city of Jerusalem as Israel's capital was an effort to make good on a campaign pledge
4:00AM ( 8 minutes ago )
Franken faces fresh accusations, weighing his future
Minnesota Sen. Al Franken appears on the verge of resigning after fellow Democrats led by female senators abandoned him over mounting allegations of sexual misconduct
3:58AM ( 9 minutes ago )
Australian Parliament allows same-sex marriages
Australia's Parliament has voted to allow same-sex marriage across the nation, following a bitter debate settled by a much-criticized government survey of voters that strongly endorsed change.
3:57AM ( 10 minutes ago )
Franken faces new allegations, weighing future
Minnesota Sen. Al Franken appears on the verge of resigning after fellow Democrats led by female senators abandoned him over mounting allegations of sexual misconduct
3:57AM ( 11 minutes ago )
Mideast braces for fallout from Trump's move on Jerusalem
Palestinians shuttered schools, shops ahead of protests over Trump's recognition of Jerusalem; Saudis sharply rebuke US
3:49AM ( 18 minutes ago )