The city of Durham, North Carolina and the government of Durham County have experienced disruptions since a ransomware attack last Friday, but local government officials claim the damage was contained and recovery efforts are well underway.
"Fortunately, the City was prepared with notification systems in place that worked as planned, providing immediate notice to City IT staff that enabled a very quick response that minimized damage to operating systems," says an official statement posted on the official Durham city and county websites. "The County also received notification late Friday of attacks on their networks, and responded immediately as well."
Upon discovery of the incident, the city of Durham took certain systems offline and shut down its phone systems, which caused disruptions to its Durham One Call phone line, Durham Parks and Recreation centers and City Hall. (Durham One Call serves as a central point of contact for city information and services.)
However, the city's website is functioning – including its bill payment capabilities – the Durham One Call’s mobile app works as intended, and 911 and other public safety systems "are operational and emergency calls are being handled," the statement continues.
Meanwhile, county government phones and the website are operating normally, and the county 911 services are unaffected as well.
Local news affiliate WRAL, citing the North Carolina State Bureau of Investigations, reported that the ransomware has been identified as Ryuk, which has been spread by a Russia-based cybercriminal group that researchers that CrowdStrike refers to as Wizard Spider.