A hacker’s 1 p.m. deadline to pay $23,000 passed Wednesday, and Mecklenburg County has not decided whether to pay the ransom for a cyber-attack that “paralyzed” the county. County manager Dena Diorio, at a 2 p.m. news conference at the Government Center, said third-party security experts believe the attack by a new strain of ransomware called LockCrypt originated from Iran or Ukraine. Forty-eight of about 500 county computer servers were affected.
An employee of the Mecklenburg County government on Monday received an email routed from another employee’s account and opened it and a malicious attachment, infecting the county’s network. Hackers set a deadline of 1 p.m. Wednesday for officials to pay a ransom of about $23,000. Hours after the deadline passed, County Manager Dena R. Diorio said Mecklenburg would not pay the ransom.
Later, on December 7th, they reported hackers have tried new attacks on its computer systems after it refused to pay them the ransom, Mecklenburg County manager Dena Diorio sent an email Thursday to county employees advising them that hackers were targeting the county primarily through fraudulent email attachments.
I do not have to tell you how this could have been prevented.
We strongly recommend to phish your own users to prevent these types of very expensive snafus. If you're wondering how many people in your organization are susceptible to phishing, here is a free phishing security test (PST):
Most recent update at the Charlotte Observer