Mecklenburg County’s hacking is just the latest such incident of data kidnapping to be reported in the U.S., with victims including local governments, school systems and businesses.
In every case, the hackers have demanded bitcoin currency before surrendering the data they’ve held hostage.
“Experts have seen a spike in ‘ransomware’ attacks across all sectors of the economy in recent years,” reports EdWeek.org. “Criminals have hit all types of organizations, public and private, including K-12 districts.”
In a nine-month period in 2014, the FBI received 1,838 complaints about ransomware, and it estimates that victims lost more than $23.7 million, reported the Washington Post. The next year, the bureau received 2,453 complaints, and victims lost $24.1 million.
Never miss a local story.
Sign up today for a free 30 day free trial of unlimited digital access.
In the past year and a half multiple local governments have been held up by hackers. some of them choose to pay, and some don't. Rachel Wise
School systems have become among the most popular targets of hackers, because “they are finding a relatively weak system to protect a valuable student data,” The Wall Street Journal reported in October. So-called “cyberthieves” struck three dozen school districts from California to Georgia this year, stealing paychecks and data, it reported. Among the victims was the school district in Horry County, S.C., which was hit by hackers in 2016.
Here are other examples of recent hackings:
- The closest example to Charlotte happened in August with Dorchester County School District 2 in Summerville, S.C. Hackers demanded up to $2,900, which the district paid to get back its files. A year earlier, Horry County Schools in Conway, S.C., was hacked for $10,000 in bitcoin ransom.
- Last month, computer hackers targeted the Sacramento Regional Transit system, resulting in 30 million files being deleted, according to Bitcoinist.com. The ransom price demanded by the hackers for that attack was a single bitcoin.
- In September, it happened to Montgomery County, Ala., which paid thousands of dollars in ransom to hackers in order to recover stolen government data, according to the political website The Hill. County officials were locked out of their government computers and ultimately paid nine bitcoins – between $40,000 and $50,000 – to hackers in order to recover between 60 and 70 terabytes of data, reported the Hill.
- St. Louis was hit in January, when hackers infected every public computer in the St. Louis Public Library system, reported CNN. It stopped all book borrowing and cut off Internet access. The hackers demanded $35,000 in bitcoin, but the library refused to pay. Instead, it wiped the entire computer system and reset it, which took nearly two weeks, CNN reported. An FBI investigation identified a 4-year-old voicemail server as the hackers’ entryway to the library’s systems.
In the case of Mecklenburg County, the virus got into computers because someone on staff opened an attachment in an email, launching a worm into the system. This sort of computer infection, called “ransomware,” encrypts files or otherwise locks users out until they pay for the key.
A hacker’s 1 p.m. deadline to pay $23,000 passed Wednesday, and Mecklenburg County has not decided whether to pay the ransom for a cyber-attack that “paralyzed” the county. County manager Dena Diorio, at a 2 p.m. news conference at the Government Center, said third-party security experts believe the attack by a new strain of ransomware called LockCrypt originated from Iran or Ukraine. Forty-eight of about 500 county computer servers were affected. Diedra Laird
Bitcoinist.com says it’s cheaper to pay the hackers, and suggested Mecklenburg County seriously consider it.
Related stories from Charlotte Observer
“Local governments and businesses do find themselves in a quandary when targeted by hackers,” according to the site. “Is it actually cheaper to pay the hackers off to once again have access to critical files? A third-party group could restore said files, but using them could cost more than what the hackers were demanding.”