Malware

Georgia County Offices Impacted After Ransomware Corrupted Its Network

Another Cyber Attack Targets Georgia

Update 3/11/2019: The County hired a third-party cyber security consultant to help determine the best route to restore their networks. After investigation, it was determined, the consultant would negotiate a payment with the hackers, in an attempt to regain access to the encrypted files. Reports have confirmed, Jackson County has paid the hackers $400,000 for the decryption key.

The ransomware variant that infected networks was found to be Ryunk. This ransomware is often initiated through an initial Trojan virus infection and sits dormant until the hackers launch the attack.

As if the ransomware attack that took out the City of Atlanta wasn’t enough, now Jackson County offices of Georgia are suffering the aftermath of a ransomware attack.

County officials have confirmed, every office has been impacted by this cyber attack. At this time, the biggest priority is restoring emergency systems, including the 911 networks.

The exact ransomware variant remains unknown, as does the ransom demand. A statement has not been released regarding the County’s intentions on restoring their network. Depending on the status of their backup files, they could potentially restore the systems with them. However, this would require timely backups, staff availability and the time to do so.

Another alternative, which is not recommended, is to pay the ransom demands set forth by the hackers. The goal of making this payment would be to obtain the decryption key, which allegedly would restore the networks. Unfortunately, that does not always happen, even after the payment is made. Which, of course is one of the biggest reasons NOT to pay. In addition, paying puts a target on the victim’s back — if they’ve paid once, they’ll likely pay again.

Other Attacks

For a list of ransomware attacks that have already taken place in 2019, you may click here. We have also created a map of the ransomware attacks that have taken place in the U.S. Click here to view.

5,067 total views, 3 views today

(Visited 1 times, 1 visits today)

3 thoughts on “Georgia County Offices Impacted After Ransomware Corrupted Its Network

  1. More to the point, how many people were fired over this incident? Ransomware is not new, it has been thoroughly publicized, and those charged with managing a government IT installation should be held personally accountable for situations like this. If independent audit shows that procedures were not up to date, or users adequately trained, or users not properly policed in their data access methods and habits, the taxpayers of Georgia should at least have the satisfaction of knowing that ineffective state employees were terminated.

  2. so what happened AFTER the county paid the $400K ransom? dud they gain access back to their files??

    seems like most ransomware news stories talk about the org’s computers and/or files being hit and ways to avoid it. BUT rarely do we read what happened AFTER a ransom was paid.

    pls, tell ys tge 2nd half of the story!!

    • We’ll update you if we find out! There are a lot of times where the story goes cold after the initial information about their decision to pay or not pay.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.