The Borough of Matanuska-Susitna (Mat-Su) and City of Valdez in Alaska were each hit with ransomware attacks, within days of each other, which knocked both networks offline.
The CryptoLocker ransomware is believed to have been dormant in the systems for months, possibly as early as May 3, and was described as an advanced persistent threat that may have exploited a zero-day and was undetectable to current anti-malware solutions, according to the Anchorage Daily News.
At least one unauthorized party has logged into the borough’s network and officials fear it may take up to three weeks before normal operations are restored to normal.
As a result of the attacks, all city computers and servers were shut down, city email services are unavailable and IT staff decommissioned some 650 desktop and server computers with many workers resorting to using typewriters, calculators, and other primitive methods to continue day to day operations.
“We have a manual system in place. We’re handwriting tickets,” public works director Terry Dolan told publication. “It’s going about as well as can be expected.”
The attack even affected the networks at the Mat-Su Central Landfill causing long waits as workers had to manually process loads and write down information rather than enter it into a computer.
Some of the Mat-Su borough phones and email were restored by Monday and officials were also able to access and recover some of the information due to a weak encryption layer in the malware.