Ransomware Attack on Georgia County Gets Criminals $400,000

The government of Jackson County, Georgia, paid $400,000 to regain access to their IT systems after a devastating ransomware attack.

The attack hit the county’s internal network on Friday, March 1. As a result of the infection, the majority of machines were forced offline, with the exception of its website and 911 emergency system.

After notifying the FBI, Jackson County officials worked with a cybersecurity consultant to negotiate payment—$400,000 for a decryption key and access to their ransomed files.

“We had to make a determination on whether to pay,” County Manager Kevin Poe said. “We could have literally been down months and spent as much or more money trying to get our system rebuilt.”

Poe said the ransomware was Ryuk, a new strain from Eastern Europe focused on targeting local government, healthcare, and large enterprise networks. Targeted assaults are typically executed through phishing, likely the method used in the case of Jackson County.

Ryuk recently impacted newspapers throughout the US from Tribune Publishing and Los Angeles Times. An attack from December 2018 affected the Wall Street Journal, New York Times, and other major publications.

Prevent Breaches with Realtime Security

Syxsense Realtime Security collects live, accurate data from thousands of devices in under 10 seconds. Instantly detect running .exes, malware or viruses, and kill those processes before they spread.Whether it’s a ransomware attack or supporting users on the fly, Realtime Security allows you to manage, patch, and remediate your environment with ease.