Ransomware Takes North Carolina Mecklenburg County Offices Offline
Update 12/7/2017 – County officials have reported they do not plan to pay the $23,000 ransom. Instead, they will use backup files to restore the encrypted data. It is unknown how long servers will remain offline to remediate the issues.
The Mecklenburg County offices, located in Charlotte, North Carolina have been hit with ransomware. LockCrypt, the ransomware variant that infiltrated the county’s systems infected 48 of the 500 servers. At this time, county offices remain open, but “are slow” according to The Charlotte Observer. LockCrypt attacks the systems on December 5th, and completely paralyzed the systems. It took some time, but employees were able to continue working offline.
At this time, the data remains encrypted. County officials are working with third party agencies to determine if it would be best to attempt to restore the encrypted files themselves, or pay the $23,000 ransom. The original deadline to pay the ransom was December 6th by 1 p.m. The deadline has since passed, and the county has yet to pay the ransom. It is believed a decision will be made by the end of today. For now, systems remain offline.
Other Ransomware Attacks
To see a full list of ransomware attacks that have taken place this year, you can click here. We have also created a ransomware map, see below, of the ransomware attacks that have taken place in the U.S.
** PC Matic users, if you need assistance with the product you may reach our support team at www.pcmatic.com/help.