UPDATE: “Malicious malware attack” disables county government sites

July 9 press release: 

 LaPorte County Attorney Shaw Friedman today confirmed that county government computers were impacted by a sophisticated ransomware virus early Saturday morning.  Said Friedman, “ Fortunately, our IT team reacted quickly and shut down much of the system even though it was a weekend.  Less than 7% of our laptops have been infected, however it did hit our two domain controllers, which means no server can access ‘network services.’ A forensic investigation firm was also retained to determine the nature and scope of the incident, including how the County could have been infected.

 IT worked 15 hours on Sunday to ensure that the Courts and Prosecutor’s office remained operational.  This particular ransomware variant – known as RYUK  – is especially insidious as it seeks to delete or encrypt system backups. We are exhausting all possibilities, including tapping the FBI cybersecurity unit and reviewing all ‘workarounds’ in order to determine how to restore the county to a full operational status. 

 LaPorte County residents should know that IT Director Darlene Hale and her team have been working 15-hour days since this virus hit to try to restore portions of our system that can be restored.  Again, we ask patience from all concerned.

—————

July 8 press release from LaPorte County Commission

On Sunday evening, July 7, 2019, LaPorte County Commission President Dr. Vidya Kora advised county employees and the public needing to access any county government email or website that the system will be inoperable for at least a couple days as authorities respond to a “malicious malware attack that occurred on Saturday morning, July 6, 2019, that has disabled our computer and email systems.”

“Fortunately, our county liability agent of record John Jones last year recommended a cybersecurity insurance policy which the County Commission authorized from Travelers Insurance. We informed Travelers Insurance late yesterday of the malware attack and they immediately referred us to the Wayne, PA, incident-response law firm of Mullen Coughlin LLC that specializes in responses to such cyberattacks and coordinates system repairs and protection of our computers from further such virus infections.

“I participated in a conference call late Sunday morning with Council President Randy Novak, our County Auditor and County Attorney and the IT Department along with the incident response team assembled by Mullen Coughlin to develop a game plan to respond to the attack and come up with an approach to repair our systems and protect them from further damage,” Kora said. “Mullen Coughlin will also assist us as we prepare documentation to report this attack to the FBI and other appropriate law enforcement agencies.

“Mullen Coughlin has dispatched experts who will be arriving on the scene later tonight (July 7) to assist our County IT department. I commend our IT Director Darlene Hale and her team for shutting down our systems Saturday afternoon as soon as the malware virus was detected. Unfortunately, at least half our servers have been infected and it will take some time to fully restore service. I ask for patience from members of the public as we seek to become fully operational again.”

3 Responses to “UPDATE: “Malicious malware attack” disables county government sites”

  1. Chris Smith

    Jul 08. 2019

    CBS 60 Minutes had a report on this a while ago. The number of city, county and state servers affected is staggering. Thankfully, we had a plan to deal with it. In many cases, though, the attack comes from overseas, so we are powerless to prosecute the offenders.

    Reply to this comment
  2. andrew serafin

    Jul 08. 2019

    great to know that they sent experts. the county deserves the very best

    Reply to this comment
  3. Jeff Barnard

    Jul 10. 2019

    I am rarely surprised at the professionalism of La Porte County employees.

    Reply to this comment

Leave a Reply