Sources told Action News that cybercriminals took control of the network on Saturday by encrypting files including police reports, payroll, shopping and other databases. However, the prosecution evidence was not affected.
Sources said the county is paying the $ 500,000 ransom because it is insured for such attacks.
Ed McAndrews, a cybercrime lawyer and former federal prosecutor, said “ransomware” hacking is rampant across the country.
Local governments and businesses often hire law firms like his, DLA Piper, to negotiate with hackers.
“The average ransom has gone from $ 30,000 to over $ 500,000 and that’s the average,” McAndrews said.
McAndrews said governments often have to pay because time is running out and many hackers have a reputation for releasing databases after being paid in cryptocurrency like Bitcoin, which sources say hackers in County of Delaware require.
“You often ask for proof of life, meaning you tell us, if you say you stole data, you show us some of the data that you stole,” McAndrews said.
Sources said the Delaware County attack IP address is linked to the Netherlands, but the criminals could operate from anywhere in the world.
“These are professionals, not your recreational criminals,” said Phil Bianco, chief technology officer of computer security firm Melillo Group.
He says if the hackers decrypt the county’s files, the job is still not done.
“You have to really secure your infrastructure, make sure that you will not be touched again, you have to validate the data that has been sent back to you, verify that everything is there and in its entirety,” he added.
Bianco said businesses and governments should train employees on how these attacks occur and come up with an incident response plan for any future attacks.
Copyright © 2021 WPVI-TV. All rights reserved.