News

Actions

An Indiana county just paid hackers over $100k in ransom – and they’re not alone

Posted at 8:34 PM, Jul 18, 2019
and last updated 2019-07-18 20:34:26-04

LAPORTE Co., Ind. —  The government of Laporte County was the latest to have its computer systems taken over by hackers and held for ransom.

Laporte County decided to pay the criminals in what experts say is a disturbing and frightening trend for tech-savvy thieves.

Experts said the vast majority of these attacks, more than 80% start with criminals obtaining log-in credentials, like usernames and passwords, to gain entry to computer networks. From there, they lock out the administrators, and hold data for ransom. Laporte County was the latest front in this cyber war.

“The bottom line is that we are in a cyber-war, and the war is massive," Darren Guccione, CEO of Keeper Security, Inc., said. "It’s a quiet one, but we are in a cyber-war.”

Nearly a quarter of the nation’s cities and counties said they’re fending off cyber-attacks on government networks once an hour.

“The cyber-criminals view municipalities, in this case, as low hanging fruit," Guccione said.

In Laporte, criminals hacked the network and locked out officials out of the county’s computer systems, essentially holding data and information for ransom.

In a written statement, the president of the county’s Board of Commissioners said, "This particular virus, Ryuk, that was used by the bad actors in this attack was particularly insidious in that it jumped over all our firewalls and was able to penetrate backup servers."

Officials decided to pay $132,000 in bitcoin to hackers.

Guccione is the founder and CEO of Keeper Security in Chicago. He said hackers are targeting small and medium sized municipalities because they typically have older software programs and no cyber security strategies.

“Cyber-criminals are becoming far more sophisticated, and they know municipalities—local, federal and state governments—have antiquated software and it controls around cyber security protection," Guccione said.

The Laporte County payment was described as a last resort after the FBI worked around the virus.

Related: DNC warns candidates of Russia-based FaceApp; developers issue statement

In Laporte County, once the hackers were paid, they gave the county a decryption key to unlock the data.

“They get a nominal amount of money from each one and in the aggregate, they’re making billions of dollars on this campaign," Guccione said.

“Unfortunately, in a day and age where cyber-crime has become so lucrative and many private and governmental entities across the country are being 'extorted' for their data, an ounce of additional prevention will be worth a pound of cure," the board president said.

Laporte is now part of a long line of recent victims in which cyber attacks have paralyzed an airport in Cleveland, city governments in Baltimore and Atlanta, the Department of Transportation in Colorado, the Port of San Diego and dozens of hospitals around the country.

“Whether you’re a hospital, a bank, a municipality, a larger government agency, the point is all of these larger organizations are fiduciaries of information, and in this case if it’s a hospital not only are they protecting your information, they’re protecting your life," Guccione said.

While it seems like criminals and hackers are always one step ahead, experts said the best ways for governments to protect themselves is to invest in security systems that monitor if passwords have been stolen and sold on the dark web, then they’ll know to change them immediately.