Officials in the Matanuska-Susitna Borough in Alaska were forced to bring back typewriters from the closets and resort to writing receipts by hand after a cyber-attack compromised the Borough’s computer infrastructure, including computers/laptops, servers, networked telephones and email exchange.
The severity of the cyber-attack was so high that the Borough had to declare a disaster and call in the FBI to investigate the attack. Ted Leonard, an Assembly Membwriterer, even termed the cyber-attack as a terrorist attack.
Cyber-attack forces a complete shutdown
The ‘disaster declaration’ of the Borough read that the cyber-attack had caused major disruption in Borough services and loss of productivity, which may continue for a prolonged time, and that the Borough had to incur significant expenses to engage IT service providers to mitigate the effects of the cyber attack.
According to Eric Wyatt, IT Director of Matanuska-Susitna Borough, suspected hackers not only used the Emotet trojan horse which Wyatt termed as “the worst of its type in the nation” to attack the Borough’s computer infrastructure but also used Cryptolocker and Dridex ransomware to encrypt files stored in the computers.
“We learned that one of the prongs of the attack, the trojan horse, is called the Emotet what we have learned is this is the worst of its type in the nation according to top anti-virus companies that do this internationally..another component Cryptolocker what is sometimes called the was ransomware portion also called Bitpaymer also the worst of its type in the nation, other embedded component (malware) called Dridex that is also the worst of its type. And so the group that we are facing that has unleashed this particular attack is a very well organized group and they’re using the most sophisticated tools and have done a lot of damage across the country to include us,” he said.
“Everybody’s very exhausted. I’m mumbling because I’m beyond exhaustion for the last six days. I think everybody needs a pat on the back and some encouragement and this is going to be a long journey to recover. … This is cyber crime and this is the future that we are dealing with,” said Kurt Bunker, an IT consultant working with Borough IT.
Typewriters to the rescue
Following the discovery of the cyber-attack, the Borough’s IT team worked quickly for six days to isolate, scan, and secure Borough resources and took all computers offline to prevent the ransomware from spreading. However, the Borough’s computer infrastructure is yet to be reactivated.
“Without computers and files, Borough employees acted resourcefully. They re-enlisted typewriters from closets, and wrote by hand receipts and lists of library book patrons and landfill fees at some of the 73 different buildings.
“We appreciate your patience. Private credit card information is not at risk as it is not stored online at the Borough. Borough services will be restored one at a time as they are confirmed safe,” the Brough’s website noted.
The fact that the cyber-attack forced the Borough to shut down its entire infrastructure gives an indication of how much damage motivated hackers can do, either for financial or political gain. What’s worse, in this case, was that the Borough was listed as victim number 210 of the computer virus which meant that the virus had claimed 209 victims before hackers behind it chose the Borough as their next target.