Tillamook County computers still down one week after ransomware attack

EDITOR’S NOTE: There was a bit of good news today – the Library’s phone system is working again, while other county departments may still be experiencing phone issues. HERE ARE ALTERNATE CONTACT NUMBERS for the County Departments:
Tillamook County Health Department is open, although there was no access to electronic medical records. The county statement assured that personal health information was protected. If patients cannot get through on regular phone numbers, please call:
● 503-812-3916 for medical and behavioral health clinic scheduling
● 503-812-3774 for dental clinic scheduling and services
● 503-354-4257 for WIC, public health and environmental health
Department of Community Development is open Mon. to Fri. from 8 a.m. to 4 p.m. Please visit the office for planning and other department services. Please call:
● 503-812-8543 for building, plumbing, mechanical and electrical inspections
● 503-812-2431 for sanitation

Associated Press

One week after an Oregon county was hit by a cyberattack, the Tillamook County computers remain unplugged while a cybersecurity firm tries to negotiate with criminals who deployed the ransomware, a county official said Wednesday, January 29th.
Tillamook County Sheriff’s Lt. Gordon McCraw, who is the county emergency manager, said the outage is creating the most havoc for the taxation and clerk’s offices in the coastal county, which are more reliant on computers.

“Department heads are of course unhappy that they can’t do things the way they used to,” McCraw said in a telephone interview.
Customers have been checking out books from county libraries the old fashioned way, with paper and pen, instead of scanning them, McCraw said.
It’s not clear if a ransom demand has been made, but McCraw said the county needs an encryption key to access all the data that the criminals encrypted. A study determined that it would take 12 years to decrypt all the data without the key.
Ransomware is malicious software that encrypts a system, effectively locking out its users. The attackers promise to decrypt the information with a decryption key if they are paid.
The county reported the attack to its cyber insurance carrier. Arete Advisors, a cybersecurity company based in New York, has been engaged to oversee an investigation and coordinate with law enforcement and “is negotiating with whoever encrypted our filed,” McCraw said.
It was not clear if a ransom demand has been made, or if Arete has established contact with the criminals. The company did not immediately respond to a request for information.
The city government said in a statement on Jan. 22, the day of the attack, that its phones and some emails and computers were still offline, affecting all departments, including county offices, the library, public works and police. Emergency 911 phone number and non-emergency dispatch lines were unaffected. The phones were affected because they are so-called VoIP devices meaning they use the internet.
In 2019, 113 state and municipal governments and agencies, 764 healthcare providers, and 89 universities, colleges and school districts in the United States were hit by ransomware attacks, said Brett Callow, threat analyst at Emsisoft, a company that produces software to protect computers against attacks. The numbers came from a compilation of press reports and help requests the company received, Callow said.