First Posted: 2/7/2015
HILLSBORO (AP) — Several agencies in a southwest Ohio county have been targeted by cyber scammers who lock people out of their computers’ files and demand a ransom.
The Times-Gazette of Hillsboro reports (http://bit.ly/1zU551E) at least one agency agreed to pay $900 to regain computer access. A former president of the Highland County Community Action Organization says the ransom was paid by its computer service provider.
The newspaper reports that the Highland County sheriff’s office and City of Hillsboro were among those attacked by scammers using the malicious software that encrypts files to make them inaccessible. The scammers usually demand quick payments while threatening to delete all files.
Such cases have reported around the globe in recent years.
The Highland County attacks reportedly occurred last year. Officials say the issues have been resolved.
Sheriff Donnie Barrera said there have been no attacks since he took over the office in November in the county about 60 miles east of Cincinnati. Former Sheriff Richard Warner said the computer services provider resolved the problem when the ransom attack was detected, but wasn’t certain of details on how.
“I know no tax dollars were used,” Warner said. He said computer files are backed up every day for protection against such attacks.
Julie Wise, director of the county community action organization, said client information wasn’t compromised in the attack. She said the agency’s network has “very good” firewalls to block spam and viruses and used offsite backup systems. She said provider Greystone Systems “did an excellent job” in responding.
Tim Hamilton, vice president of Greystone Systems, said the ransom was paid in that case because “that one hit everybody out of the blue.” But he said attacks on other computer systems including the Highland County Courthouse were resolved without payments.
“Any kind of ransom is a bad idea,” he said.
Law enforcement officials say there’s no guarantee that scammers will free the files after being paid. Computer experts say the best defense is a good backup system and the ways to avoid falling victim include not opening emails from unknown senders and keeping software security updated.
“It’s a cat-and-mouse game,” Hamilton said.
Todd Wilkin, Hillsboro’s safety and service director, said the city’s system withstood a ransom-seeking attack with the quick work of its Information Technology professional, Eric Daniels. When an administrative assistant’s computer had a message popping up on how to meet the ransom demand, Daniels disabled it, and used a backup system to restore service.
Daniels said the attackers used the malware program CryptoLocker, which can be embedded in emails or Internet banner ads.
“Eric Daniels is the dude,” Wilkin said.
