Pennsylvania county pays $350,000 cyberattack ransom
The local government in Washington County, Pennsylvania, said Thursday night that it had authorized a ransom payment of about $350,000 in response to a cyberattack in January.
Gary Sweat, the county’s solicitor, explained the response to an incident that caused the government to shut down its servers on January 24 after a warning from the federal Cybersecurity and Infrastructure Security Agency (CISA).
“Foreign cybercriminals were able to seize control of the county’s network, basically paralyzing all of the county’s operations,” Sweat said, according to the Observer-Reporter newspaper. “The attack was unprecedented. I think it’s safe to say no one at this table has ever encountered or experienced such a cyber incident.”
Sweat said the county hired a cryptocurrency company, DigitalMint of Chicago, to facilitate a payment of $346,687 to suspected Russian hackers. DigitalMint also charged a fee of $19,313.
The Pittsburgh suburb first noticed an intrusion on January 19, and five days later it became a full-blown ransomware attack. Sweat said that on February 5, digital forensics company Sylint confirmed that the hackers had pilfered large amounts of sensitive data, including information about children in the court system.
On February 6, the county commission held an emergency meeting after the hackers gave them a 3:30 p.m. deadline to pay the ransom and reclaim the data, reports said.
“While paying the ransom was not the county’s first choice, we decided that after weighing all factors, it was the best approach,” Sweat said.
The FBI’s official position is that ransomware victims should not pay up, because there is no guarantee the attackers will decrypt affected data, and also because paying emboldens them to try again elsewhere.
The county commission voted 2-1 on February 6 in favor of the payment. Commissioner Larry Maggi voted against the transaction, saying Thursday night that “the whole thing stinks,” according to WPXI-TV.
“We can’t live in fear, my goodness!” Maggi said. “Home of the brave... we are living in fear of Russia!”
Joe Warminsky
is the news editor for Recorded Future News. He has more than 25 years experience as an editor and writer in the Washington, D.C., area. Most recently he helped lead CyberScoop for more than five years. Prior to that, he was a digital editor at WAMU 88.5, the NPR affiliate in Washington, and he spent more than a decade editing coverage of Congress for CQ Roll Call.