TILLAMOOK COUNTY CYBERATTACK UPDATE: Recovery Efforts Continue, Systems Coming Back Online


By Laura Swanson
After nearly two weeks, computer screens were lighting up throughout Tillamook County’s offices on Monday February 3rd. According to county spokesman Gordon McCraw, “The digital recovery team continues to finish de-encrypting the data and our IT department is continuing the process to bring up each terminal.” Yes, the County’s website is back up, but there have been some glitches, and the county continues to ask for patience as they continue to recover from the cyberattack.

The cyberattack is still under investigation by a variety of law enforcement agencies, including the FBI. Arete Associates is doing a forensic study to determine the source of the attack; the county last week approved negotiations on the county’s behalf for the encryption codes. Necessary steps have been taken to mitigate future incidents. A quick Google search of “ransomware incidents” shows these statistics from 2019, per McCraw: 113 state and municipal governments – from large to small – such as New Orleans and Las Vegas, 764 healthcare companies, 89 universities, and unreported numbers of private businesses; there has been a 350% increase in ransomware incidents. The takeaway from this experience, “Everyone is vulnerable,” commented McCraw, “You gotta believe that if they are going after lil ol’ Tillamook County, they are coming after any of us.”
People here are lulled into a false sense of security, because it’s a small town, it won’t happen here, but in reality, rural areas are more vulnerable to international cyber security breaches. Everyone needs to be maintaining diligent vigilance when it comes to information security. What can you do to protect yourself?
Here are some tips from Harmonium LLC:
Make sure software and firmware security updates are installed regularly on every machine on your network- including computers, printers, tablets and smartphones.
• Backup all systems regularly to a set of removable disks.
• Use unique, lengthy, complex passwords/passphrases on every website or user account. Do not share passwords between websites. Use a password as long as the account will allow.
• Use a password manager, such as 1Password or Dashlane, to store your passwords.
• Use two-factor authentication everywhere it is available. However, not all forms of two-factor authentication are created equal.
• Upgrade your antivirus to include a more modern detection system, such as Cylance Home.
• Install ad blockers on all web browsers.
• Monitor your credit report. Obtain & review a copy of your credit report at least annually.
• Monitor your bank accounts closely. Any instances of fraud should be reported to your bank within two days of each monthly statement.
• If you believe an incident of fraud or identity theft has occurred, you can work with credit grantors to close fraudulent accounts, place a freeze on your credit file with each of the three major credit agencies, and report the incident to local law enforcement or the FBI at: www.ic3.gov.
• Experian can be reached at: 1 (888) 397-3742 or http://www.experian.com/ consumer-information/cis-contact-business.html
• Equifax can be reached at: 1 (800) 727-8495 or https://www.equifax.com/ personal/contact-us/
• TransUnion can be reached at: 1 (800) 813-5604 or https://www.transunion.com/ customer-support/contact-us-consumers
• You can also notify the Federal Trade Commission by following the steps outlined at https://www.identitytheft.gov/ or call 1877-ID-THEFT (438-4338).
• If you would like additional resources relating to protecting yourself from identity theft, you can visit Oregon’s Consumer Protection website located at https://www.doj.state.or.us/consumer-protection/id-theft-data-breaches/identity-theft/.