Ransomware incapacitates town government and affects the 911 service

Ransomware is one of the most significant threats to nowadays IT systems because it has an outstanding potential of generating untraceable revenue for the cyber criminals, over relatively short periods of time. No other type of malware can challenge its position in this respect. For the victims, ransomware comes with downtime, concern, the effort to recuperate lost data, investigations, special measures and a ransom bill on top.

Hospitals are among the preferred targets, exactly because such institutions must have their IT up and running at all times, to avoid putting their patients at risk. Hence, healthcare is a victim who is likely to pay.

Lately, the trend of attacks on government institutions increased as well, exploiting a similar incapacity to perform public service, when the IT systems become unavailable. The incident described below is a perfect example of how such an attack goes beyond money concerns and can cause serious risks to citizens’ lives or wellbeing.

The incident in Licking County

During the night of the 31st of January 2017, the Licking County government was hit by a ransomware attack that totally disabled the IT systems. Similar attacks were experienced in the state of Ohio during last year, leading to a concern raised by the state auditor.

This incident resulted in the closure of all IT systems, disabling not only servers and clerks’ computers but also the phone landlines. Currently, there is an investigation going on, with the involvement of the FBI and cybersecurity experts, to determine the cause and help recover the damage. The authorities expected the downtime to last for a significant amount of time. Hence countermeasures were deployed (new laptops brought in, new connections to secure government networks were established) to enable clerks to perform their jobs.

One of the important implications of the complete shutdown of IT systems was the effect it had on the local 911 call center. During this period, the clerks serving the 911 service were able to use the radio and their phones, but unable to use their computers to help dispatch the necessary teams to incoming incidents. This meant that they had to ask for more information from 911 callers, to be able to dispatch efficiently.

The incident is covered thoroughly by reporter Kent Mallet in the Newark Advocate.

Conclusion

This incident is an example of how ransomware can negatively affect not only IT systems and institutions’ budgets but also important public services. Cybercriminals are after ransom money, so targets who rely on IT are preferred as they may be easier to extort. In this incident, the public service was impacted negatively and paying or not paying a ransom would not have changed that. Institutions need to protect themselves against such attacks, train employees to reduce the risk of infections and use appropriate software tools that can stop such incidents from happening.

How we can help

TEMASOFT develops Ranstop, an advanced anti ransomware software that detects and blocks most present and future ransomware and allows file recovery if successful attacks occur.

For more information, follow us on social media and subscribe to our newsletter.