County recovering from attack on computer system
If you had business to do with Milam County a few weeks ago, you may have had no luck thanks to a ransomware attack that crippled computer systems throughout the county.
County Commissioners heard a report on the attack during a meeting on June 10.
Garrett Dycus with McLane Intel, the county’s IT provider, gave the court a report on the attack that took place on May 21.
“This isn’t an easy conversation to have because no one likes to be attacked,” Dycus said. “Basically I am here to go over what happened and what we did to remediate and what moving forward looks like.”
Dycus said there was ransomware or remnants of ransomware on the computers. Between Feb. 15 and March 28 an attack came in to the county’s computer system. He said the virus didn’t kick off immediately. He said it was just hanging out on the computer and then as McLane IT began to work with county in switching out computer systems it kicked off.
“We got a call on Tuesday, May 21, from someone saying that they couldn’t get to some of their files,” Dycus said. “The files were there, but they were named different and were encrypted. We took immediate steps to stop the infection from spreading.”
The county’s computer systems were all shut down and they began the process of cleaning off all the county’s computers individually.
The service was restored on May 27. Dycus said there are still a few issues but at this point all service has been restored.
Dycus said the attack was active in the system on May 21 and that because of the software that was on the system it didn’t encrypt everything and they were able to stop it from spreading.
He said it was a fishing attack specifically designed for government entities and Fortune 500 companies. The attackers hold the information ransom. There have been several attacks on municipalities throughout the country.
The attack shut down all county systems and the county was down for seven days. Dycus said the ransom was about $184,000 but the county did not pay, they were able to recover.
“Now that we have stopped it, we need to go in and figure out how to prevent this from happening again,” Dycus said. “We will add security measures to prevent the fishing emails.”
Milam County Judge Steve Young said that the attack originated from someone clicking on an excel spreadsheet in an email and that it may have been laying dormant in the county’s computer system since March.
Young thanked the Milam County Justices of the Peace for the use of the $125,000 from the Justice Court Technology Fund, which can only be used for technology purchases or upgrades.
Dycus said the cost from this incident to the county has been about $50,000 to McLane IT so far.
He said employees should be careful what they click on to prevent this in the future and there is training for employees to know what to be careful of.
“Ya’ll have done tremendous work since this hit us,” Precinct 1 Justice of the Peace Greg Hoelscher said. “I know where we would be had you not been here. What is the plan moving forward? This is something that has to be fixed.”
Young said there are new computers that will replace all the older computers that are running old programs that are susceptible to viruses.
Young said that had McLane Intel not been on board already with the county and this happened it would have been a disaster to the county.