Following a meeting held with department heads and elected officials this morning, LaPorte County Commission President Dr. Vidya Kora announced that “decryption” of the county’s data began late yesterday and steps are being taken to reduce the chances of any future “ransomware attack” as occurred on Saturday, July 6th.
Said Dr. Kora, “this particular virus – RYUK – that was used by the bad actors in this attack was particularly insidious in that it jumped over all our firewalls and was able to penetrate backup servers. Even after conferring with the FBI’s cyber security unit to determine if their decryption codes would work, they determined after several tries their “keys” would not unlock our data, and we were required to pay the ransomware actors to retrieve our data. A go-between from a firm we hired negotiated for us and negotiated the demands down considerably from the initial demand of $221,000 to a final agreed-upon price of 10 ½ bitcoin or $132,300. Fortunately, our cybersecurity insurance policy will cover $100,000.00 of that amount.
“My fellow commissioners – Sheila Matias and Rich Mrozinski – and I along with County Council President Randy Novak, IT Director Darlene Hale, Auditor Joie Winski and County Attorney Shaw Friedman met with county department heads and elected officials this morning to assure them that now that we had acquired the decryption key and were ‘unlocking the encrypted data” that county computer systems would be gradually unlocked including our email program. We commended IT Director Darlene Hale and her team for their swift action in averting a wider infection of the virus as just 7% of all PC’s were hit, however, the two main domain servers were successfully penetrated which blocked ‘network services’.
“Importantly, our special response team that was hired has assured us that as of 7:30 a.m. today, there is no evidence that personal information of our employees may have been accessed or acquired as a result of the ransomware event.”
Said Dr. Kora, “The County Commission is committed to putting in place protections going forward such as use of a behavioral-based anti-virus software rather than just a signature based anti-virus software, to more employee training on how to avoid accidentally introducing such viruses into our system and other protections such as an annual cyber security audit conducted by a third party. Unfortunately, in a day and age where cyber-crime has become so lucrative and many private and governmental entities across the country are being ‘extorted’ for their data, an ounce of additional prevention will be worth a pound of cure.”