San Bernardino County pays $1.1M ransom after cyberattack disrupts Sheriff's Department systems
SAN BERNARDINO, Calif. (KABC) -- San Bernardino County paid a $1.1 million ransom to hackers who infiltrated the Sheriff's Department computers, officials acknowledged Friday.
Last month, the department admitted a hack encrypted many of its files, disrupting systems and blocking access to data.
County officials told ABC News on Friday that the county carries insurance for such attacks and its share of the ransom came out to just over $511,000.
After negotiating with the hackers, the insurance company and county agreed to pay to restore the system to its full functionality and secure data.
"The decision whether to render payment was the subject of careful consideration," the county said.
The county became aware of the attack on April 7 and began taking steps to shut down systems, secure the network and develop workarounds for access to data. For example, patrol units had to radio dispatch to run license plates or get information on a suspect's background rather than using the computers in their vehicles.
San Bernardino County Sheriff's Department shuts down internet systems following recent cyberattack
The county claims public safety was not compromised as a result of the attack and a criminal investigation remains ongoing.
Officials believe the hackers likely were able to access the system after someone on a county computer clicked on a malicious link.
Experts say these kinds of attacks are becoming more and more common.
"The cost is pretty brutal, not just to financial - but in the case of law enforcement - it's the agency, the people they are serving," said Vivek Bhandari of Tanium, an organization that helps organizations keep their systems secure. "In the hospitals, sometimes it can impact patient care and we've seen that."
Unfortunately, he says, when organizations decide to pay a ransom, word gets around among hackers - and others may try to target the same agency again.
Bhandari says the bottom line for cyber safety is to pay close to attention to what you click on in an email.
"Phishing attacks are very common ways for attackers to get in. You get a user to open a file, because, hey, here's a picture of your kid, or a picture from the get-together last week. Something that will get someone to open an attachment or click on a link is a common technique," Bhandari said.
