IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

San Bernardino County, Calif., Paid $1.1M to Hackers

County officials have acknowledged that they paid the cyber extortionists who uploaded malware to the Sheriff's Department's computer system. The county paid $511,852 while insurance covered the remainder.

(TNS) — San Bernardino County acknowledged this week that it has paid a $1.1 million ransom to a hacker who uploaded malware to the Sheriff's Department's computer system.

In a ransomware attack, a criminal enters a system and encrypts the data, leaving the owner unable to access it. If a ransom is paid, usually in cryptocurrency, the criminal will provide a decryption key to unlock the data.

For weeks, the county said little publicly about the hack, other than to call it a "network disruption."

David Wert, a county spokesman, said the county had anticipated such a computer invasion and had taken out insurance. He said that of the $1.1 million payout, the county's share was $511,852 and that the insurance company paid the rest.

Sheriff Shannon Dicus said Wednesday that the cyber attack did not compromise public safety but workarounds were required for certain tasks. For instance, he said, deputies could not access the California Law Enforcement Telecommunications System, which can tell deputies when a person is wanted for crimes elsewhere in the country. So deputies would request other agencies check the CLETS records.

It was unclear Thursday whether any information was stolen. The department is still going through its systems to learn what has been affected. Those that have been determined to be safe and functioning are being turned back on, said Mara Rodriguez, a sheriff's spokeswoman.

No other county department computer systems were affected, Wert said.

Chuck Brooks and some other cybersecurity experts say paying a ransom is a bad precedent.

"Generally, businesses should not pay for ransomware as they will likely be hit over and over again as it will be shared and sold by criminal hackers on the dark web," Brooks said in an email on Thursday, May 4.

Brooks, in a story he wrote that appeared in Forbes magazine, said ransomware has been around since the late 1980s and "it has become a trending and more dangerous cybersecurity threat."

Wert said there was a discussion about whether to pay but declined to elaborate beyond this statement:

"The decision whether to render payment was the subject of careful consideration," Wert said. "On balance, and consistent with how other agencies have handled these types of situations, this was determined to be the responsible course."

Other municipalities have paid ransoms as well.

Jackson County in Georgia paid $400,000 after its entire email system was taken offline. Delaware County in Pennsylvania paid $500,000 after hackers got access to police reports, payroll and other systems. Montgomery County in Alabama had to cough up only $37,000 to get its files returned.

But not everyone has paid.

Suffolk County in New York reportedly spent $17 million to restore its network after refusing to pay a $2.5 million ransom. The county's security contractor, Palo Alto Networks, has been involved in more than 650 cases involving ransomware and of those cases, it has negotiated payment in more than 300, Newsday reported.

The San Bernardino County Sheriff's Department is conducting a forensic examination of the hack, "the findings of which will benefit all public agencies looking to avoid a similar occurrence," Wert said. The FBI was also investigating, the county has said.

©2023 the San Bernardino County Sun, Distributed by Tribune Content Agency, LLC.