Hackers found their way into the server at the Lincoln County Sheriff's Office on July 24. A ransomware attack occurred during the early morning hours. The system went down at around 12:40 a.m., according to Lincoln County Sheriff Bill Beam. The Lincoln County Sheriff’s Office website was taken down as well.
“We had officers on the night shift that were entering data into the system from calls that they had been taking and they realized that the system was down,” he said. “They contacted IT and they went into check it and discovered that it was hacked.”
“Ransomware” is a form of malware using a software code that holds a user's computer hostage until a ransom fee is paid. This type of malware can infiltrate a personal computer, or in this case, a server as a computer worm or Trojan horse taking advantage of open security vulnerabilities.
“They gave us things that they want us to do such as logging in, downloading software and contact them on the dark web,” Beam said. “We’d have to give them more and more information about us so they can decide what to charge us. We have not made that contact, we’re not going to and we’re not going to pay a ransom.”
State Rep. Jason Saine has reached out Beam offering his support and the North Carolina State IT Disaster Team is going to come in to help the county resolve this issue. Lincoln County information technology personnel are currently working on the problem but it could take weeks before the server is restored. There are paper back-ups kept at the office so these records will need to be rekeyed back in.
“The FBI has started an investigation,” Beam said. “They didn’t take information about any employees or inmates or anything else off our server. They went in and destroyed our back-up and encrypted our information.”
There were deficiencies in the system and safeguards that could have been in place to have either stopped the attack or helped to get the server back on line sooner, Beam said.
“One thing that I’m going to make sure that’s in place before we go back on line is that we have an off-site storage of our back-up data,” he said. “Because our back-ups were in the same system they were able to destroy that.”
The Sheriff’s Office has a hard back-up that was done several months ago, which will help with the process. No other county servers were affected, according to county manager Kelly Atkins.