The malware encrypted the affected systems, and the attacker demanded payment from the county in order to obtain a decryption key. The county did not make any payment to the attacker, according to Brown.
“The county took immediate steps to isolate any computers that were impacted, while also working to maintain services to our residents,” Brown said in an email. “Most critical servers had recoverable backups that the county used to recover those servers and services.”
The county engaged a cybersecurity firm and began investigating the incident. Since the attack, staff have kept services available for residents by working directly with state agencies and using resources offered by other counties.
“The county continues to work to bring all systems and services back to full operation,” Brown said. “At this time, most county-provided computer services have been restored, and the remainder will be restored soon.”
With so many more people and businesses working from home, the threat of cyberattacks like the one Yuba County suffered is increased.
Chayney Pascua is with IT and computer services company Adept Solutions, based in Yuba City. She said ransomware has become a lucrative business for cybercriminals. Unpatched security updates provide hackers with an open door into one’s system.
“I would say we have seen an increase in email scams,” said Steven Claus of Adept’s technical services team. “As users are relying more on email to convey things and are less likely to meet in person or run into each other in the halls, malicious attackers are using this to impersonate or inject themselves into conversations.”
Pascua said people are the weakest links in most hacks through phishing.
“Social engineering threats manipulate users with the ultimate purpose of getting them to disclose confidential information and exposing internal data,” Pascua said in an email.
Other threats include passwords being obtained through phishing and vendors and contractors causing significant breaches. Experts advise that businesses provide employees with company devices, having a strong firewall with active monitoring, outsource to computer network security specialists, implement a remote-work policy, implement an acceptable-use policy, keep work data separate from employees’ personal data, create reporting procedures for when a breach happens, keep files and applications cloud-based and use additional backups, require system security awareness training, and limit privileges to need-to-know access.
When it comes to what individuals can do, the experts said password protect and enable automatic screen lock on all devices, keep systems updated with most recent security updates, install security applications, use an encrypted email and use encryption on hard drives, use strong passwords and password managers, enable multi-factor authentication, be diligent in confirming emails are from who they are, and increase communication and collaboration through programs like Microsoft Teams, OneDrive and Sharepoint.
©2021 The Appeal-Democrat, Distributed by Tribune Content Agency, LLC.
