Mecklenburg County, North Carolina, home to Charlotte, was hit with a ransomware attack that the county was clearly unprepared to handle.
The good news, if there is any in a situation like this, is that the attackers only compromised about 48 out of the county’s 500 servers, but other servers were shut down to make sure the ransomware didn’t spread to those servers.
The bad news, and there is much more of that, is that the county says it will be some time in 2018 before they get everything put back together.
Some reports say that the attackers wanted two bitcoins or about $30,000, but other reports say they wanted two bitcoins per server, which would have put the bill in the millions. The county has decided not to pay the ransom.
The county said that because of a backup system, the hack didn’t compromise any personal information. Clearly, the county officials do not understand how technology works.
This is also one reason why these local governmental organizations can be picked off pretty easily. Likely due to staffing, money and lack of executive support, these local governments have poor to non-existent cyber security, disaster recovery and business continuity programs.
Examples of the effects of the backup system that was in place are that calls to the domestic violence hotline are going to voice mail and being picked up later by counselors.
The county jail is having to process inmates in and out of the jail using paper forms. I am highly confident that nothing will go wrong.
Social Services is having to recreate rides scheduled for seniors and many of those ride requests have been forever lost.
Payments to the tax department have to be made by cash or check and building inspections are using paper forms.
The goal is to attempt to get life preserving services up first and the rest of the services restored in 2018.
Mecklenburg is far from alone in this plight. City and County governments, especially, do not have either the budget or the expertise to deal with modern day, real world cyber attacks. All they can do is hope that no one clicks on an infected link in an attack email.
The private sector is in better but not great shape. They are much more motivated to have systems that work and not spend the millions of dollars that I am sure Mecklenburg is spending to rebuild servers from scratch. Businesses also don’t want to lose customers. When Fedex got hit with the WannaCry virus, customers switched to their competitors. Many of those will never come back. Mecklenburg doesn’t have that problem – there is no competing government to switch to.
For private businesses, these attacks can be the difference between a profit and a loss, staying in business or going out of business. Fedex, in the example above, spent $300 million recovering from WannaCry last quarter and will spend an equal amount this quarter. Many businesses cannot afford the bills that these attacks generate and just go out of business.