Washington County faced a critical decision following a recent cyberattack, leading the Board of Commissioners to formally vote on a $350,000 ransom payment. The vote, conducted on Thursday, has stirred controversy regarding the transparency of the process, with concerns stemming from secret and emergency meetings. Solicitor Gary Sweat addressed these concerns, explaining that the urgency was driven by deadlines set by the cybercriminals.
The county’s operations were severely impacted by the January cyberattack, leading to the shutdown of multiple services. The board’s 2-1 vote on February 6, in an emergency meeting, authorized the payment to alleged Russian cybercriminals, alongside an additional $20,000 to a company handling the transaction. Commissioner Larry Maggi expressed dissatisfaction, viewing the payment as an invitation for more cyber attacks.
Chairman Nick Sherman acknowledged the less-than-ideal decision but emphasized the potential danger of data on the dark web. Sherman highlighted the sensitive information present in county records, particularly data on children in need of services due to abuse or abduction. Despite experts advising against ransom payments, Sherman argued that the potential harm to vulnerable individuals justified the county’s action. Currently, 80% of the county’s system has been restored post-payment.
The funding for the ransom payment was drawn from the American Rescue Plan funds, introducing further debate on the allocation of these resources and the broader implications of succumbing to cybercriminal demands.