SamSam Ransomware Hits Again VS Jackson County, Georgia
2017 was the Year of the Ransomware when WannaCry and its derivatives wreaked havoc to various computer installations with SMBv1 vulnerabilities. The encrypted user data that WannaCry cost the world an estimated $4 billion worth of ransom payments in Bitcoin that went to the packets of its authors. Fast forward today, in 2019, ransomware is still here to stay and continue collecting ransom at the expense of its victims, regardless if they are private institutions or a government agency.
County government of Jackson in Georgia, United States is the latest victim of the notorious ransomware, named SamSam with all their county’s computers deliberately shutdown to contain the malware. The local government’s operations were affected, as the email systems went offline, prompting county employees to resort to using paper-based documentation for the operations of their office during the ransomware attack. SamSam was allegedly developed by two Iranian nationals that were recently indicted by the U.S. Department of Justice under cybercrime violations.
“Everything we have is down, We are doing our bookings the way we used to do it before computers. We’re operating by paper in terms of reports and arrest bookings. We’ve continued to function. It’s just more difficult,” explained Sheriff Janis Mangum.
The government of Jackson County has expressed their confidence that the operations of the county government will continue, even at the wake of the ransomware attack. They are asking their constituents for patience, as the system is being cleaned and data recovery attempts are being done with the affected servers and workstations.
“Since the attack includes our emails, communication has been tricky but our phones still work so we are doing everything possible to keep things running as smoothly as we can. We are doing everything we can,” emphasized the county spokesperson.
Compared to the U.S. Federal government, county governments have very limited funding when it comes to acquiring IT equipment, let alone spend for expensive cybersecurity defense posture. Other than the actual hardware for cybersecurity defense, being ready with cyber threats requires the institution of dedicated IT specialist to conduct tests. This requires more funding, as hiring people competent with conducting penetration testing are not cheap. Prior to Jackson County, Georgia, the city governments of Atlanta, North Carolina, Ohio, Washington and Alaska previously became victims of ransomware infestation.