County Manager David Headley recently released details about the ransomware attack that crippled Dawson County government computer systems earlier this year.
In the county’s June newsletter, Headley called the attack “sophisticated” and stated that no employee or citizen information was compromised during the attack that began April 23.
“We also can confirm that the attack was not a result of any shortcomings of Dawson County or its employees,” Headley wrote.
According to county IT analyst Will Shattuck, the IT department was first notified around 2:30 p.m. Monday, April 23 by the tax assessor’s office, which reported it was unable to save work on some of its files. Soon calls flooded in from many other departments, and once the IT department began investigating, it discovered a ransomware attack.
Ransomware is a type of malicious software that encrypts writable data, and only the attacker knows the decryption key.
“We started shutting down servers and trying to minimize the amount of damage, as it spreads very quickly, through the networks and through the different servers,” Shattuck said.
Headley said last week that all departments were affected in one way or another and that the county is continuing to work with cyber security specialists to safeguard county systems from further attacks.
“These proposed measures will require an investment on the county’s part in order to keep up with future technology advancements,” he said.
In order to protect the county’s security, Headley said he couldn’t be specific about the type of security the county had in place, or what is in place now.
“I will say is we had measures in place that were in keeping with the industry standards,” Headley said. “If we did not have what we had in place, we would have suffered a higher degree of data loss. Our future system will need to be modified and monitored by a higher level of industry professionals.
“This methodology is something you most likely will see across the nation as local governments, municipalities, state and federal agencies work toward protecting themselves. These threats are real and have become the fiber of information technology and will only advance from here.”
The county does have a cyber insurance policy in place through the Association of County Commissioners of Georgia, but prior to April 23 it did not have an emergency management plan in place for a ransomware attack.
As far as how much the attack has put the county back, Headley said that the county has currently spent in the neighborhood of $30,000.
“The dollar figure is still growing due to safety measures that will be put in place,” he said. “Those numbers will change as the BOC reviews recommendations from staff and industry professionals.”
Headley said the figure is “a drop in the bucket” compared to the loss the county could have suffered and the expense the city of Atlanta has experienced.
Atlanta was struck by a similar attack in March, which brought city services to a halt. The city has spent millions of dollars in the aftermath of the attack.
In the newsletter Headley commended the county’s IT department for mitigating the damage of the attack through a quick and dedicated response.
“This team- Will Shattuck, Cameron Burt and Robin Roland- led by Director James Tolbert, has displayed outstanding leadership and selfless commitment throughout this ordeal,” he wrote. ‘In addition to a regular 40-hour work week, the team has accumulated a combined 297 hours of overtime in dealing with the cyber-attack. The salvation of our data system is due to the team’s quick response and around-the-clock work.”
Headley also commended the chairman and board of commissioners for expediting approvals necessary to get things done.
He recommended a few easy steps that anyone can take at work or at home to protect against hackers.
● Do not leave passwords on your desk, on sticky notes or taped to the bottom of your keyboard.
● Do not give your password to anyone, including friends or coworkers.
● Change your passwords frequently.
● Do not use the same password across multiple sites.
● Do not open emails or emails with attachments if you are not expecting them.