Officials in Jackson County, Georgia, paid $400,000 to cyber-criminals this week to get rid of a ransomware infection and regain access to their IT systems. The County hired cyber-security consultant to negotiate ransom fee with hacker group. Jackson County officials have not yet confirmed how hackers breached their network.
The infection forced most of the local government's IT systems offline, with the exception of its website and 911 emergency system.
"Everything we have is down," Sheriff Janis Mangum told StateScoop in an interview. "We are doing our bookings the way we used to do it before computers. We're operating by paper in terms of reports and arrest bookings. We've continued to function. It's just more difficult."
Jackson County officials notified the FBI and hired a cyber-security consultant. The consultant negotiated with the ransomware operators, and earlier this week the Georgia county paid $400,000 to hackers to get a decryption key and regain access to their ransomed files.
County officials are in the process of decrypting affected computers and servers, Jackson County Manager Kevin Poe told Online Athens in an interview.
"We had to make a determination on whether to pay," Poe said. "We could have literally been down months and months and spent as much or more money trying to get our system rebuilt."
Poe identified the ransomware that infected the county's network as "Ryuk" a well-known ransomware strain that is currently undecryptable.
Jackson County won't be the victim who paid the largest ever ransom demand, though. This "honor" goes to South Korean web hosting firm Internet Nayana, which paid 1.3 billion won ($1.14 million) worth of bitcoins to a hacker following a ransomware attack in June 2017.
The full article can be read here: https://blog.knowbe4.com/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-infection