LAPORTE — About $132,000 worth of Bitcoin was paid by LaPorte County to ransomware hackers to regain access to part of its computer systems, according to a county news release.
Ten and a half units of the virtual currency ransom were sent to the hackers as a last resort after an FBI code couldn't crack the virus that locked some of the county's data away. Once paid off, the hackers gave the county a decryption key to unlock the data.
“This particular virus — RYUK — that was used by the bad actors in this attack was particularly insidious in that it jumped over all our firewalls and was able to penetrate backup servers,” said Vidya Kora, president of the LaPorte County Commissioners. “Even after conferring with the FBI’s cyber security unit to determine if their decryption codes would work, they determined after several tries their 'keys' would not unlock our data.”
The virus infected about 7% of the county's computers and server network July 6. Local government servers, including email, were shut down so they could be saved from the slow spread of the malware.
Originally, the ransom was $221,000, but a firm hired by the county was able to talk down the hackers. Insurance will cover $100,000 of the $132,000 paid.
Kora said personal information of county employees appears to not have been accessed by the hackers.
The commissioners plan on improving anti-virus protections, increasing employee IT training and conducting an annual cyber security audit, among other provisions.
“Unfortunately, in a day and age where cyber-crime has become so lucrative and many private and governmental entities across the country are being ‘extorted’ for their data, an ounce of additional prevention will be worth a pound of cure,” Kora said.