Madison County Computers Inaccessible After Ransomware Attack

Update: After five days of battling to get systems back up and running, Madison County has paid the ransom demands to regain access.  Herald Bulletin reported, the county was encouraged to pay the ransom amount by their insurance provider, who paid the $28,000 demand.  The county was left paying the insurance deductible, along with $17,500 to bring in professional services to bring their servers back online.  Lisa Cannon, Director of IT, reported this ransomware attack infected 600 personal computers and 75 servers.  The county is continuing to evaluate best practice options for disaster recovery, as well as how to prevent future attacks.

Update 12/08/2016: CSO Online is reporting that Madison County has now spent approximately $220,000 to recover from this ransomware attack. The county signed three contracts worth $198,180 to work with service providers to implement off-site data backups, a backup court system, and prevent future attacks. The IT department head is also not satisfied with the current budget her department has after it was cut by 56% saying, “We can’t be expected to operate as large as General Motors on a gas station budget. We need help and it’s going to take funds.” According to reports, during the infection county police officers were forced to use pen and paper when processing inmate information as computers were not functional. 

Ransomware has struck another county office.  The computers associated with the Madison County offices, located in Indiana, have been infected with ransomware.  According to WTHR News, the County’s systems have been completely shut down, making the information within the systems inaccessible.

It has been reported that the County’s operations are continuing.  However, with the systems down, they have reverted back to the manual process of doing everything with a pen and paper.  It is not believed any personal information within the systems has been compromised.  The County is also confident, all voter data has remained secure.

The ransomware variant that infiltrated the systems is not being disclosed at this time.  The County has not released the ransom demand, or if they plan to pay in order to get their systems back up and running as usual. As always, PC Matic does not encourage any ransomware victims to pay the ransom amount.  By doing so, it only reinforces the hackers to continue with these attacks.  It is encouraged businesses and home users back up their data daily, to an external storage device.  This will provide a copy of all user information, files, pictures, etc. in case a ransomware attack were to infect your PC.  Also, if you have been hit with ransomware, it is clear your security solution has failed to keep you secure.  PC Matic encourages users to implement a security solution with application whitelisting technology to prevent future attacks.

Ransomware Attacks of 2016

To see a full list of ransomware attacks that have taken place, you can click here.  We have also created a ransomware map, see below, of the ransomware attacks that have taken place in the U.S. this year.

(Visited 3,446 times, 1 visits today)

3 thoughts on “Madison County Computers Inaccessible After Ransomware Attack

  1. I have to agree with Paul’s first thought. I have to disagree with the directions that the comments that followed were going. the article is clearly not the entire story. It’s understandable that a site that sells security software would focus on certain aspects of the event.( i.e. The ‘tradegy, mayhem, and following inability to easily recover from said event’ sections)

    The article discusses the County’s and actions and lack thereof. The same paragraph continues with the sites recommendations. This makes an assumption that the end of the paragraph is referring to the same topic as the beginning. This is only an assumption and an implication, but that implication can be made invalid by holding the fact that mid paragraph, the subject changed. The county had to pay to regain access, but it is never mentioned why. The subject of backups was never discussed as it would pertain to the county. They were only included in the sites usual recommendation.

    Articles are written a certain way and are meticulously proofread prior to publish. This is true for many articles across many mediums. I’m not calling anyone specific out on this, just that it can be considered as standard practice. All I’m saying is reading an article for what it says, and for what it implies are two different things. Before making an opinion, question what something says, if what it says is true it will prove itself upon evaluation.

  2. I have 2 thoughts:
    – Is it responsible behaviour to publish this story, which must have the effect of encouraging more such attacks?
    – The victim’s failure to protect voters’ data and the servers on which this data was stored (the story shouts No Backup) ought to be treated as criminal, with the people in charge subject to prosecution with the distinct probability of a term of imprisonment if prosecution is successful

  3. So as usual we see a sleepy mal-administered county office asleep at the wheel!
    I’m not sure but it seems almost 100% certain they had no effective back up.
    Why would any insurance pay for mistakes caused by such incompetence, it’s akin to leaving your front door open & then making an insurance claim for burgled goods!
    Who got fired – of yes that’s right as always nobody, why, nobody knows?
    What a disgrace, maybe D Trump can sort out this sort of sloppy behaviour in our tax funded government/county offices?

Leave a Reply

Your email address will not be published. Required fields are marked *