//
you're reading...

Cornelius News

Town Hall cyber-attack Day 3: 9-1-1 is OK; state and federal agencies are on the case

July 14. By Dave Yochum. We’re now into the third full day of a cyber attack on Town Hall and some services in Cornelius remain unavailable. Meanwhile, the situation is being managed at the state level, a town official said, with input from federal and local agencies.

“Services most affected are those delivered over the phone or those requiring staff to access files located on our servers, which are in the process of being scanned,” said Town Manager Andrew Grant.

The town has not been presented with a ransom demand, he said.

What you should know:

—You can—and should—call 911 in the case of an emergency. Cornelius operates its own 911 center, separate from Mecklenburg County as well as the general town communication system. For non emergency calls, Cornelius police can still be reached at 704-892-7773, which is not affected by the ransomware.

—Residents can reach Town Hall via townofcornelius@cornelius.org.

—Town Hall remains open and residents may visit in person.

What is still affected by the ransomware attack:

All on-site devices have been disconnected, including the landline, internet and servers. The Technology Operations Dept. is still in the process of scanning systems.

Unknown at this point is how the cyber-attackers got into the system. “There are a lot of folks on this, a lot of eyes,” one official said.

Background

The attack is less severe than the one that crippled Mecklenburg County systems in 2017.

More than two dozen servers were held hostage by hackers spreading Ransomware, forcing the County to go back to paper-based processes.

The Cybersecurity Insiders publication said that the hackers were demanding $23,000 worth of bitcoins to provide re-access to the files. The most affected service in Mecklenburg County Ransomware Cyber Attack is the county’s Department of Social Services Transportation Scheduling System.

The county decided not to pay the $24,000 ransom to unlock the servers. Instead, workers put in long hours recreating the files, according to WSOC-TV.

WSOC reported that the Mecklenburg County hackers were from Ukraine or Iran.