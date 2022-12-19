SEBRING — More than six months after a cyberware attack took down many functions for the Highlands County Sheriff’s Office, some effects are still there.
Anyone looking to search the list of current inmates for details or to report a crime online, whether through a desktop, laptop or mobile device, still can’t do that, halfway into the seventh month since it happened.
The Sheriff’s Office has people working on rebuilding the code for those servers which, according to Sheriff’s Office officials, must be rewritten.
“We’re having to rebuild from scratch,” said Scott Dressel, the sheriff’s public information officer. “We’re waiting for outside vendors.”
Dressel said that the inability to search inmate information online has slowed him down, too, as it is — or was — much easier to pull various pieces of information on inmates from a website search than from various internal information portals.
Another resource for the agency, the ability for people to report crime online or through a mobile device, means people have to see a deputy in person or visit a physical office to report crime.
Almost every other function affected by the attack has been restored, Dressel said.
On Friday, May 27, any resident, employee or outside agency requesting reports on incidents, arrests or crashes found the computer system was down. The Sheriff’s Office had taken its computerized database offline to prevent further damage from a cyberattack that had started at or soon after midnight.
In addition to the document system, email was also not working. Employees could still send email, but could not receive email, and senders would not get a “bounce-back” notification.
Fortunately, 911 Consolidated Dispatch did not go down, but access to information was affected. Sheriff’s officials said dispatchers had to find workaround methods similar to operations in the 1990s pre-database era.
Within two weeks of the attack, local and federal officials identified the attack as ransomware, where hackers upload destructive programming into a system to encrypt and lock up data, away from the users.
The hackers, under the guise of a cybersecurity firm, then issue what is essentially a ransom demand, an offer to fix the problem, with a price tag – $2.5 million.
Sheriff Paul Blackman said the group called itself “Quantum Ransomware” and was first seen in 2021. Under the guise of a legitimate business, they make blitzkrieg attacks from somewhere in Eastern Europe, extorting money from agencies and companies.
Blackman said he would have none of it.
“We don’t give in to criminals. We will not be paying that ransom,” Blackman said. “I consider it part of my oath of office to wisely spend the tax funds entrusted to me by the citizens of Highlands County. I am not going to spend your hard-earned money rewarding cyber terrorists for their criminal actions.”
He said paying ransom would not guarantee systems are restored, but would be followed by more payment demands.
When asked Tuesday if the perpetrators have been found and arrested by international agencies, Dressel said no, and he didn’t expect it.
“I seriously doubt we’ll ever see anyone arrested for it,” Dressel said.
For now, diligence is the main defense, and rebuilding is the best remedy.