Content, Breach, Channel markets, Ransomware, Vertical markets

North Carolina County Stops New Cyberattacks After Refusal to Pay Ransomware

Dena Diorio

North Carolina's Mecklenburg County experienced additional cyberattacks after it refused to pay $23,000 in ransomware last week. However, county officials indicated the latest cyberattacks were unsuccessful.

Hackers launched the second set of cyberattacks against Mecklenburg County on Thursday, December 7, according to a prepared statement. County Manager Dena Diorio then sent an email to warn county employees about the cyberattacks and provided these workers with cybersecurity recommendations.

Mecklenburg County originally experienced a cyberattack on Tuesday, December 5. During the cyberattack, hackers froze 48 county servers via encryption, and asked for two bitcoins in ransom, The Charlotte Observer reported.

Just Saying No

On Wednesday afternoon, Diorio said Mecklenburg County would not pay the ransom. The county instead would use backup data to restore government systems that were affected by the cyberattack, she noted.

Since that time, Mecklenburg County has taken steps to restore government systems in the following areas:

  • Criminal Justice Services.
  • Health and Human Services.
  • Office of the Tax Collector.

Mecklenburg County remains focused on restoring affected government systems following last week's cyberattack. Meanwhile, county offices and departments are open and using alternative processes where necessary to serve community members.

How Can MSSPs Help Organizations Combat Ransomware Attacks?

Ransomware is no longer platform-agnostic, according to a recent study conducted by British security hardware and software company Sophos. Fortunately, MSSPs that understand the dangers associated with ransomware can help organizations across all industries limit the impact of ransomware attacks.

Cloud-based cybersecurity solutions provider AppRiver recently provided the following recommendations to help MSSPs safeguard organizations against ransomware and other cyber threats:

  • Use segmentation. With segmentation, MSSPs can help prevent the spread of an infection inside a network and speed up the recovery time after a cyberattack.
  • Deploy backups. In the event of a successful cyberattack, MSSPs can help customers wipe their workstations and implement backups.
  • Provide comprehensive data storage. Encrypt all customer data, regardless of whether it is stored on-premises or in the cloud. That way, MSSPs can make it tough for cybercriminals to access customers' sensitive information.
  • Track suspicious activity in DNS logs. Examine DNS logs following a breach to help customers quickly identify and address all affected endpoints.
  • Have alternate systems in place. Ensure customers have alternate systems in place to guarantee continuity of operations after a cyberattack.

Furthermore, MSSPs can empower organizations to take a multilayered approach to cybersecurity, AppRiver indicated. MSSPs also can provide a combination of email and web security services, AppRiver stated, to help organizations bridge all security gaps.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.