Henry County, an Illinois county bordering Iowa, has recently fallen victim to a ransomware attack, joining a string of local government entities across the U.S. grappling with similar cyber threats. The attack, which commenced on March 18, prompted the county’s leadership to swiftly shut down access to affected systems and initiate an investigation in collaboration with external cybersecurity experts.
Despite the disruption caused by the attack, essential services such as 911 calls and emergency dispatch remain operational, ensuring the safety and well-being of residents. Mat Schnepple, director of the Emergency Management office in Henry County, confirmed the cyberattack and emphasized the ongoing efforts to restore affected systems securely. While significant progress has been made in the recovery process, the investigation into the incident continues with the assistance of various law enforcement and cybersecurity agencies.
Despite these challenges, Henry County has implemented operational continuity measures to ensure the provision of essential services to its population of approximately 50,000 residents. The Medusa ransomware group claimed responsibility for the attack, demanding a $500,000 ransom within eight days.
This ransomware gang has demonstrated increasing sophistication since emerging in 2023, targeting diverse entities globally, including governmental organizations, educational institutions, and private companies. Brett Callow, a threat analyst at Emsisoft, notes the ongoing targeting of government organizations by cybercriminals, suggesting either perceived return on investment or a belief in the viability of such attacks.
