October 20, 2020

Volume X, Number 294

October 19, 2020

Subscribe to Latest Legal News and Analysis

Jackson County, Georgia Pays Hackers $400,000 After Ransomware Attack

Cities and towns continue to be a profitable target for successful ransomware attacks. As we previously reported, the list of cities and towns getting hit with ransomware attacks continues to grow.

Last week, Jackson County, Georgia admitted that it paid hackers $400,000 to obtain access to its information that was locked down by a ransomware attack. The ransomware attack locked agencies out of almost all of their systems, including the sheriff’s office that does criminal bookings, causing the county to try to do business the old-fashioned way—using paper.

According to the County Manager, rebuilding the networks from scratch (apparently there was no back-up system in place), would be a long and costly endeavor. The City Manager said they were facing closure of operations for many months, so paying the ransom was an easier option.

After payment was made, the hacker sent the decryption key, which allowed county employees to get back on their computers and resume work. The ransomware involved was Ryuk, which has been rampant and is believed to originate from Eastern Europe or Russia.

The message to state and municipal governmental entities? Check that back-up system and test it to see if it works in an emergency.

Copyright © 2020 Robinson & Cole LLP. All rights reserved.National Law Review, Volume IX, Number 73


About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...