[BreachExchange] Chatham officials didn't pay ransom but still face hefty price from hack

Destry Winant destry at riskbasedsecurity.com
Wed Feb 17 10:50:53 EST 2021


https://www.wral.com/chatham-officials-didn-t-pay-ransom-but-still-face-hefty-price-from-hack/19528624/

PITTSBORO, N.C. — Chatham County government is still recovering from a
cyber attack nearly four months ago.

A hacker locked down county computer systems on Oct. 28 in a
ransomware attack designed to extort money from the county. Officials
didn't pay the ransom but are still paying a hefty price for the hack.

"We’re seeing educational institutions, religious institutions and
governments specifically being targeted by these ransomware
criminals," Attorney General Josh Stein said Monday. "The criminals
know that they don't have the same resources as big banks or large
corporations do. So, perhaps these systems are more vulnerable."

Chatham County Manager Dan LaMontagne gave an update to county
commissioners Monday night on the attack and the recovery process.

The ransomware code got into the county's computer network through a
"phishing" email with a malicious attachment, officials said. In a
phishing scheme, hackers send an email to users of a specific network
– county employees in this case – and when a single recipient of the
email clicks to open the attachment, the hackers have a window into
that network.

The hack caused the county to lose use of computers, internet access,
office phones and voicemail. The county also had to wipe and re-image
servers and more than 550 individual staff computers, and the process
of restoring everything isn't yet finished.

Some of the stolen data was posted on the internet.

“Chatham County is concerned about any sensitive files that were
posted online as a result of the cyber incident," LaMontagne said in a
statement. "Our staff has been engaged with the NC Department of
Health and Human Services and the NC Attorney General’s Office to
ensure we meet the notification/reporting requirements as it relates
to disclosures of a breach of protected health information and/or
personally identifiable information data.”

Officials are trying to determine what information was put online, and
they plan to contact each affected person as they are identified.

"Government has all kinds of information that's really critical to you
and me, a lot of our personal information," Stein said. "It's
imperative that they train their staff, that they update their
software."

Chatham County has a cyber insurance policy to offset the cost of
hacks, and officials say they believe the policy will cover "the bulk
of the direct costs associated with this incident."

"We are evaluating and implementing additional security measures and
reinforcing employee training," LaMontagne said.


More information about the BreachExchange mailing list