Computers still down in Oregon county hit by cyberattack

File photo

File photoNSL

By

One week after Tillamook County was hit by a cyberattack, the county computers remain unplugged while a cybersecurity firm tries to negotiate with criminals who deployed the ransomware, a county official said Wednesday.

Tillamook County Sheriff’s Lt. Gordon McCraw, who is the county emergency manager, said the outage is creating the most havoc for the taxation and clerk’s offices in the coastal county, which are more reliant on computers.

“Department heads are of course unhappy that they can't do things the way they used to,” McCraw said in a telephone interview.

Customers have been checking out books from county libraries the old-fashioned way, with paper and pen, instead of scanning them, McCraw said.

McCraw said the county needs an encryption key to access all the data that the criminals encrypted. A study determined that it would take 12 years to decrypt all the data without the key.

Ransomware is malicious software that encrypts a system, effectively locking out its users. The attackers promise to decrypt the information with a decryption key if they are paid.

The county reported the attack to its cyber insurance carrier. Arete Advisors, a cybersecurity company based in New York, has been engaged to oversee an investigation and coordinate with law enforcement and "is negotiating with whoever encrypted our filed,” McCraw said.

It was not clear if a ransom demand has been made or if Arete has established contact with the criminals. The company did not immediately respond to a request for information.

The city government said in a statement on Jan. 22, the day of the attack, that its phones and some emails and computers were still offline, affecting all departments, including City Hall, the library, public works and police. Emergency 911 phone number and nonemergency dispatch lines were unaffected. The phones were affected because they are so-called VoIP devices meaning they use the internet.

In 2019, 113 state and municipal governments and agencies, 764 health care providers, and 89 universities, colleges and school districts in the United States were hit by ransomware attacks, said Brett Callow, threat analyst at Emsisoft, a company that produces software to protect computers against attacks. The numbers came from a compilation of press reports and help requests the company received, Callow said.

-- The Associate Press

If you purchase a product or register for an account through a link on our site, we may receive compensation. By using this site, you consent to our User Agreement and agree that your clicks, interactions, and personal information may be collected, recorded, and/or stored by us and social media and other third-party partners in accordance with our Privacy Policy.