The October ransomware attack primarily targeted Chenango County's email system and was likely compromised by a remote login. It affected computers in every department except the sheriff's office and social services.
(TNS) — Chenango County has nearly recovered from a cyberattack that affected about half the county government's 400 computers late last year.
The last of the affected desktops and one server, which contains mostly archival materials, are being restored, according to Herman Ericksen, county director of information technology.
"We're getting towards the end," he said.
About 200 county employees were locked out of their computers Oct. 18 in an apparent ransomware attack. The attackers — likely based in Hong Kong, according to Ericksen — demanded $450 for the release of each machine, totaling around $90,000, which the county refused to pay.
The attack primarily targeted the county's email system and was likely compromised by a remote login, the use of which has significantly increased since the onset of the coronavirus pandemic, Ericksen said. It affected computers in every department except the sheriff's office and social services, which rely primarily on an independent network.
In October, shortly after the initial attack, the Chenango County Board of Supervisors allocated $200,000 from unexpended reserves to cover the "ongoing expenses," according to Lawrence Wilcox, Oxford town supervisor and chair of the board.
About $85,000 will be used to switch the county computers over to the Microsoft Office 365 suite, which is cloud-based, according to Ericksen.
Office 365 is a subscription service and will require further budgetary allocations in the future, he said, though likely not as much as the initial transition cost.
The ransomware attack remains under investigation by New York State Police and the Federal Bureau of Investigation, which have not issued any updates, according to Wilcox.
A series of computer logs were sent for examination by the New York State Department of Homeland Security, Ericksen said, and data was successfully restored to the computers that were wiped.
"We were lucky," Ericksen said. "We had good back-ups."
©2020 The Daily Star, Distributed by Tribune Content Agency, LLC.
Looking for the latest gov tech news as it happens? Subscribe to GT newsletters.