Orange County in North Carolina suffered its third ransomware infection in six years, the local government announced on its website on Monday. The attack, probably stemming from a phishing email, a very common practice in such situations, crippled the county’s IT infrastructure and left a number of departments struggling with operations.
The attack, detected on Monday and isolated by Wednesday, disrupted over 100 computers at the local library, tax department, Country Register of Deeds and Sheriff’s department. IT Director Jim Northrup said no data was lost or stolen.
On Wednesday, a number of departments were operational again, including the Register of Deeds, Health and Dental Clinics and Animal Services.
There’s an ongoing investigation with FBI, local law enforcement and cybersecurity experts but “the threat of re-infection exists,” the county says.
“Right now we can confirm that the county detected an encryption virus on our computer network early Monday morning. At this point, no data has been lost or any sensitive information stolen. The attack is still under investigation,” Orange County spokesman Todd McGee wrote in an email to ISMG.
“Almost all of our services have been restored, but we can’t put a definite timeline for when all will be back up,” McGee added. “We have not received a ransom request.”
Officials did not name the strain of the ransomware, nor say how the malware got in the system in the first place. The major issue local governments have been struggling with in fending off attacks is the lack of staff and budget to invest in proper procedures. This has led to the repeated attacks in North Carolina, and to last week’s Ryuk ransomware infection of Jackson County Georgia, which ended up paying $400,000 in ransom.