Pen and paper have made a resurgence in Jackson County offices as hackers continue to hold their computers and digital records hostage in lieu of a ransom.
“We are still working even if it’s with pen and paper,” said County Judge Jill Sklar.
Tuesday morning, county officials discovered hackers had successfully penetrated their computers and internal network belonging to the county sheriff, district attorney, district clerk and other offices after a Jackson County dispatcher found she could not access some data on her computer.
When county officials sent an email to an address provided by the malicious program to ask that access be returned, the hackers refused and instead demanded a ransom payment for the hostage computers and their data, Sklar said. Access to the county’s computers was probably gained, she said, through phishing, a method in which hackers gain access by sending seemingly legitimate emails.
Sklar declined to reveal how much is being demanded but said it was “large” and was requested in the form of Bitcoin, an untraceable digital currency often used for such transactions.
“We are not interested in paying this ransom. At this point, we are checking our options,” said Sklar, adding that decision was made in part on principle to prevent the perpetuation of digital hostage taking.
County information technology experts soon discovered that backed up data was also compromised, Sklar said.
“It’s very malicious,” said the first-term county judge, who took office in January. “They wanted us to hurt enough to pay the ransom.”
In an attempt to restore the backup files, the county has consulted with a California IT company that specializes in such work.
“We are keeping our fingers crossed,” said Sklar, describing recovery efforts as in their early stages.
The attack has prompted an FBI investigation and forced the county to rely on analog means of record keeping as computer experts do their best to unlock the computers and files.
Sklar said she had no estimate yet for when the problem would be resolved.
District Clerk Sharon Mathis said her reluctance to trust solely in digital records has allowed her office to continue almost all of its duties.
Although her office began storing documents with computers several years ago, each and every record is also kept in a physical, paper format.
The loss of her computers has burdened her staff with enormous workloads, requiring her to staff a deputy to transcribe some forms.
But she wondered how long that could continue with some appeal reports that rely on digital records due in a matter of weeks.
Jackson County Sheriff Andy Louderback said his office also has relied on paper reports and records in the meantime. Despite the momentary lockout, the emergency dispatch office is still functioning. Deputies in the field are still able to access criminal records because that computer system was isolated on another, unaffected network, he said.
“We’re going back in time,” he said.
Jackson County is hardly alone, and similar digital ransom attacks have been reported throughout the country as of late.
After suffering a similar but more widespread attack on May 7, Baltimore officials refused to pay a $76,000 ransom, according to a Baltimore Sun article. Instead, the city is expected to incur about $18.2 million in lost revenue as well as recovery and repair efforts. A similar attack targeting city of Atlanta computers in 2018 was estimated to cost about $17 million.
In Jackson County, Sklar said she had no estimate yet for how much recovery might cost. She also said she was considering the possibility of losing all the data and rebuilding the records, which could potentially require significant resources.
But Sklar said she and commissioners were committed to preventing future attacks.
“We’re going to find a solution to this problem,” Sklar said. “We are going to get it fixed.”
Victoria County IT Director John Sestak said attacks like those targeting Baltimore, Atlanta, Jackson County and other local governments are an unfortunate reality for doing business in the digital age.
“It’s been out there for some time, but it’s becoming more prevalent,” he said.
Sestak and his staff use firewalls and have purchased a subscription to digital security firms to constantly adapt their screening methods to combat the ever-evolving phishing attacks. As a part of employees’ orientation, they also educate all computer-using employees on how to discern real emails from imposters.
“Cyber security is no longer just IT’s responsibility,” he said.
That education is in part provided by the Texas Association of Counties, which could not be reached for comment Thursday.
Nevertheless, there is no guarantee of safety – especially for local governments with limited resources, Sestak said.
“If the big guys are getting breached, what can we do?” he said, adding, “Something new might come out tomorrow.”