San Bernardino County Sheriff's Department shuts down internet systems following recent cyberattack

Rob McMillan Image
Sunday, April 23, 2023
San Bernardino County Sheriff's Department goes old school after hack
The San Bernardino County Sheriff's Department has shut down systems such as email and internet following a recent cyberattack.

SAN BERNARDINO, Calif. (KABC) -- More than two weeks after the San Bernardino County Sheriff's Department was hit with a cyberattack, the department is still working to get all of its systems back online.

Multiple sources have told Eyewitness News that the hack likely started after someone clicked a hyperlink that was malicious, and that suddenly encrypted many of the department's systems.

The sheriff's department was able to recover the data, but out of precaution, they shut down most of its systems, including email, internet and many computers in the department's vehicles just to make sure there were no more security threats.

The new protocols have forced deputies to do things the old-fashioned way, like calling or radioing dispatch to run license plates or get information on a suspect's background.

"Public safety operations have not been affected," the department said in a statement. "Deputies are able to run backgrounds on people and are still getting dispatched to calls. The county is conducting a forensics investigation to achieve a complete understanding of any impact to our operations before we fully use the system."

County officials did not say if they paid any kind of ransom, but experts say these kinds of attacks are becoming more and more common.

"The cost is pretty brutal, not just to financial - but in the case of law enforcement - it's the agency, the people they are serving," said Vivek Bhandari of Tanium, an organization that helps organizations keep their systems secure. "In the hospitals, sometimes it can impact patient care and we've seen that."

Bhandari says the bottom line for cyber safety is to pay close to attention to what you click on in an email.

"Phishing attacks are very common ways for attackers to get in. You get a user to open a file, because, hey, here's a picture of your kid, or a picture from the get together last week. Something that will get someone to open an attachment or click on a link is a common technique," Bhandari said.