Pottawatomie County pays over $71K to resolve ransomware attack

0

Pottawatomie County Public Works and KSU Extension Office, located in Westmoreland is home also to the weekly county commission meetings, which take place in the Sunflower Room located on the lower floor. (Brandon Peoples/KMAN)

Pottawatomie County officials say over $71,000 was paid to hackers following a September ransomware attack, which compromised the county’s IT systems.
That’s down from the apparent $1 million the county says was initially demanded. It includes $71,250 paid to the threat actor and $356.25 in exchange fees to facilitate the cyber currency payment. The funds were paid out of the county’s General Fund and a substantial portion will be refunded by the county’s self-insurance pool.
County Commissioner Pat Weixelman explains why the county ultimately chose to make the payment.
      1004-Pat why pay
Weixelman says it was the commission that gave County Administrator Chad Kinsley the green light to negotiate the payment.
      1004-Pat on payment
The county also spent $5,000 to purchase enhanced decryption software needed to unlock files the hackers had encrypted. The county does not employ a full time IT person. Rather it contracts those services out to Fox Business Systems. Weixelman says he does not believe the county will change course.
      1004-Pat on IT
Weixelman says it’s still unclear how the breach occurred.
      1004-Pat don't know

 

According to Kinsley, in a Monday news release, the county has hardened system defenses and they believe they are much less vulnerable to any subsequent attack.
“In this case, the hackers demonstrated that they had seen some private data. We paid the ransom to protect our constituents and prevent that data from being made public,” said Kinsley. It is important to note that “we are not the only county that has experienced a cyberattack,” said Kinsley.
The county says according to experts, hackers know that if they release information following a ransom payment, future victims will refuse to pay. For that reason, they say, they are confident that the accessed data have been deleted from hackers’ computers.
IT staff and expert advisers are continuing to scan compromised data to determine how much private data hackers may have seen. Once that is known, Kinsley says the information will be shared with the public. He adds that is a time consuming process.
Share.

About Author

KMAN News Director and host of In Focus. Contact Brandon at Brandon@1350KMAN.com

Comments are closed.