Tillamook County Victim of “Malware” Attack, County’s Servers Down for Undetermined Time

By Laura Swanson & Press Release Information provided by Tillamook County
Tillamook County has become aware of a data security incident which impacted its computer systems.
On the morning of January 22, 2020, Tillamook County began to experience computer difficulties which affected several of its computer systems. The county Information Technology Department, led by IT Director Damian LaViolette, immediately launched an investigation and determined that it was the victim of a malware attack.

Tillamook County will coordinate with law enforcement and has retained an independent computer forensics provider and legal experts to assist in the investigation. The investigation is in its early stages. There is no information that the personal information of its employees or residents has been accessed or misused.
Tillamook takes the security of the information entrusted to us very seriously. We are taking steps to prevent a similar event from occurring in the future, including strengthening security measures.
Although we are not at liberty to share many details about this matter at this time, we will provide a further update once the investigation is complete.
The malware attack impacts all county departments. We apologize for the inconvenience to the public we serve. All computer systems are offline at this time, our website is down and the phones are working intermittently. The courthouse and other external departments remain open for business. However, our ability to do business electronically is compromised.

“The County will be operating ‘old school’ for a few days,” said Tillamook County Commissioner Mary Faith Bell. “No credit cards and we’ll have to come up with work arounds to take care of county business.” She continued, “We want to assure the public that no data has been compromised, not health or personal information.”
The cyberattack impacted all county departments – from computer email issues to phone issues. The county has provided additional contact phone numbers below.
The Tillamook County Health Department and the Department of Community Development are directing patients and customers who can’t get through on their regular, published phone numbers to use alternative phone numbers at this time, provided below.
Tillamook County Health Department is open for business as usual. There is no access to electronic medical records at this time. Please be assured that personal health information is protected. If patients cannot get through on our regular phone numbers please call:
●503-812-3916 for medical and behavioral health clinic scheduling
●503-812-3774 for dental clinic scheduling and services
●503-354-4257 for WIC, public health and environmental health
Department of Community Development is open Mon. to Fri. from 8 a.m. to 4 p.m. Please visit the office for planning and other department services. Please call:
●503-812-8543 for building, plumbing, mechanical and electrical inspections
●503-812-2431 for sanitation.

When the breach was discovered, the County’s IT department shut down connections to other systems, such as Adventist Health hospital, 911, the library, so the malware was not passed on to other servers. The county’s new IT Director Damian LaViolette has been working to upgrade the County’s systems and security.

According to cybersecurity specialist Jeremy Saldate of Harmonium, “This should serve as yet another teachable moment for Tillamook County. Simply because we are physically isolated, makes zero difference to the caliber of attackers which are most often targeting the low-hanging fruit. As Tillamook, and the entire coastal region’s relatively lax level of preparedness in regards to cybersecurity issues bubbles up to target level, it’s going to happen more and more frequently. Each time I check, I typically see a wide array of options available to attackers to target institutions up and down the coast. We need to do better, educate ourselves, and actually commit money to it, if we want these types of problems to be reduced.”
At this point in the investigation, there are more questions than answers until cybersecurity experts can determine solutions to the issue. “We would ask for patience,” said Bell. There is no timeline for how long resolution could take.
Thank you for your patience as we work through this issue.