Bladen County, North Carolina, faced a severe cyberattack, compelling officials to engage the state’s national guard for support. Although the attack allowed hackers to access county data, the extent went beyond mere information theft, with “irregularities” detected in the system.
While ransomware wasn’t explicitly mentioned, the county invoked the North Carolina Joint Cybersecurity Task Force, comprising external experts, to conduct a forensic investigation and secure servers. Despite the state’s ban on ransom payments, North Carolina’s local governments have been persistently targeted by ransomware groups, revealing ongoing challenges and cybersecurity threats at the municipal level.
Rodney Hester, Chairman of the Bladen County Board of Commissioners, reassured residents that emergency services remained fully operational during the incident, highlighting the county’s emergency preparedness plans. The dedicated IT professionals are collaborating with leading cybersecurity experts to restore the county government systems, which currently operate in a “limited capacity.” While the attack impacted internal servers and internet-dependent systems, no indications suggest the compromise of state or other government levels. The incident raises questions about the efficacy of ransom payment bans, with cybersecurity experts emphasizing potential disregard and subsequent penalties for victims as they navigate legal ramifications to restore business functions.
The cybersecurity landscape extends beyond Bladen County, as demonstrated by a network failure in St. Lucie County, Florida, where offices operate by appointment due to issues expected to last from Monday to Saturday. The AlphV/Black Cat ransomware gang claimed responsibility, announcing the theft of an undisclosed amount of data. Florida, like North Carolina, prohibits government entities from paying ransoms, reflecting a broader trend of ransomware groups targeting local governments and counties across the United States, prompting concerns about the effectiveness of legislative measures in deterring such cyber threats.
References:
