After February ransomware attack, La Salle County bolsters network security

The February ransomware attack against the La Salle County government was highlighted Monday in a national CBS news report about cyber attacks.

On Wednesday, IT director John Haag said the county is as confident as can be in protecting its computer networks.

Ransomware is a malicious software attack designed to block access to a computer system until a ransom is paid.

Since the February attack, Haag said the county has recovered 95% of the encrypted files without paying the hackers a dime. The 5% of files lost were documents saved by county employees to the desktop computers without backing them up on the county’s network — which is strongly encouraged by Haag moving forward.

Haag said the county has partnered with the Department of Homeland Security to do regular penetration testing of the county’s network. Haag receives a weekly report and IT staff address any issues found to strengthen the county’s network.

The county also has a security vendor to monitor network traffic. Haag and his senior network administrator are on-call 24/7 to react to any immediate concerns with the network.

Haag also said the county has enacted policy changes by users.

“The landscape changes every day,” Haag said. “There’s no way to be perfectly secure, but we’re doing everything we possibly can.”

The CBS News piece reported six Russian military officers were charged in malware attacks — including one at a Pennsylvania hospital and at a pharmaceutical company. There is no report the Russian hackers were responsible for La Salle County’s attack, but the news piece included La Salle County’s government as an example of a recent ransomware attack.

The ransomware note said hackers wanted $428,000 in Bitcoin, Haag told CBS News.

The Feb. 23 attack on La Salle County took down email accounts, limited access to documents and caused many county services to be provided “the old-fashioned way” with paper.

While the cost of the ransomware attack was roughly $500,000, the county was able to pay a $5,000 deductible to its insurance company to cover all the costs, including hundreds of hours of overtime put in by its IT staff.

“My staff did an impeccable job the last eight months bringing the county out of the ransomware successfully and with no cost to the taxpayers,” Haag said.

Leave a Reply

Your email address will not be published. Required fields are marked *