Orange County in North Carolina suffered
its third ransomware infection in six years, the local government announced
on its website on Monday. The attack, probably stemming from a phishing email, a
very common practice in such situations, crippled the county’s IT infrastructure
and left a number of departments struggling with operations.
The attack, detected on Monday
and isolated by Wednesday, disrupted over 100 computers at the local library,
tax department, Country Register of Deeds and Sheriff’s department. IT Director
Jim Northrup said no data was lost or stolen.
On Wednesday, a number of
departments were operational again, including the Register of Deeds, Health and
Dental Clinics and Animal Services.
There’s an ongoing investigation
with FBI, local law enforcement and cybersecurity experts but “the threat of
re-infection exists,” the county says.
“Right now we can confirm
that the county detected an encryption virus on our computer network early
Monday morning. At this point, no data has been lost or any sensitive
information stolen. The attack is still under investigation,” Orange
County spokesman Todd McGee wrote
in an email to ISMG.
“Almost all of our services
have been restored, but we can’t put a definite timeline for when all will be
back up,” McGee added. “We have not received a ransom request.”
Officials did not name the strain of the ransomware, nor say
how the malware got in the system in the first place. The major issue local
governments have been struggling with in fending off attacks is the lack of
staff and budget to invest in proper procedures. This has led to the repeated
attacks in North Carolina, and to last week’s Ryuk ransomware infection of
Jackson County Georgia, which ended up paying $400,000 in ransom.