Hackers have locked up the Mecklenberg, N.C. county computer system and are demanding that a two-bitcoin ransom to release the servers be paid by December 6, just one day after the attack was launched.
The ransomware attack took place on December 5 and is so serious that county officials are considering paying the ransom, which equates to just over $25,000, according to a USA Today report. Mecklenberg County Manager Dena Diorio told USA Today that before acquiescing to the attacker's demands, officials will first see how costly it would be to decrypt the files on their own.
The ransomware entered the county system when an employee fell for a phishing attack, and has since forced government officials to shut down its entire computer system.
“This will affect email, printing and other county applications, including the ability to conduct business at most county offices. At this time, there is no Estimated Time of Recovery (ETR) available. Each county department is activating its Continuity Of Operations Plan, which is designed to address situations like this,” county leaders said in a statement.
Whether or not to pay a ransom demand is a hotly debated topic. The FBI and many cybersecurity experts have stated that it is a mistake, as there is no guarantee a payment will result in the encryption key being released and it also encourages future cyberattacks. However, some organizations, such as the Hollywood Presbyterian Medical Center, which paid out $17,000 in February 2016, have no choice, as they cannot break the attacker's encryption nor can they replace their locked files because they failed to back up their systems.
Mecklenberg County, which has 1 million residents, joins a growing list of municipalities that have been struck recently. The City of Spring Hill, Tenn. is a recent victim, but had backed up its system and was able to rebuild its network without having to pay the ransom.