Mecklenburg County server held for ransom

Share

Mecklenburg County officials say that a hacker is seeking a ransom of more than $23,000 after freezing county computer files.

Mecklenburg County officials still haven't decided if they are going to pay the ransom demanded by cyber criminals after dozens of servers were hacked Tuesday, County Manager Dena Diorio said.

Mecklenburg County Sheriff's Office spokeswoman Anjanette Flowers Grube said in an email that deputies are manually processing suspects who have been arrested because its computer system was affected. Diorio said, for example, that the county's code enforcement office would have to rely on paper records until the outage is fixed because employees there can't access the electronic files they normally rely on.

At least two county commissioners said they had not been briefed on the additional information regarding the actual total of the ransom when contacted by WBTV on Wednesday morning.

There is no estimated time on when the computer systems will be back up and running.

Diorio said no resident's personal information is exposed, but all of the Information Technology Services (ITS) systems in the county are shut down. The ransom price demanded by the hackers for that attack was a single bitcoin. She said the county has until 1 p.m. Wednesday to decide whether to pay ransom.

"It was going to take nearly as long to fix the system after paying the ransom as it does to fix it ourselves". The county is reportedly considering whether to pay the hacker.

Anyone who made transportation reservations through DSS/MTS, including reservations made for bus passes and vendor transportation for trips scheduled through December 11, is asked to call Customer Connections to confirm transportation.

Builders are among those who felt the hack's full effects on Wednesday.


UNC Charlotte professor Bill Chu, who started the cybersecurity program at the school, said even in the most highly-trained workforces, 10 percent of employees will still open unsafe phishing emails.

County officials said this is a "new strain" of ransomware and are calling this situation "patient zero".

Diorio said a comprehensive list of the departments that will be moving to paper will be released Wednesday.

"We don't believe we were targeted", Diorio told WSOC.

The county's domestic violence hotline that is operated by Safe Alliance was not impacted by the hack.

For now, Mecklenburg County officials are asking people to be patient as they untangle the cyber-mess.

Diorio is now working with a "third party forensic expert" to navigate the county's next steps.

"So at this point in time our backups seem to have been highly effective, but we're not racing to make our problems worse". "And there was no guarantee that paying the criminals was a sure fix", Dioro says. "So that's the conversation that we are continuing to have".

No other details have been released.

Share