Murray County paid a $200,000 ransom after a May 13 ransomware attack crippled the county’s computer network for nearly a month, according to a statement released Thursday by the Murray County Commissioner’s Office.
Officials told the Times Friday the county’s network is now back online.
The payment was made to a still-undisclosed group of hackers after county officials said they determined it was the best way to protect county residents, employees and county data.
“After careful consideration and guidance from a team of nationally recognized third-party cybersecurity and data forensic consultants, we made the difficult decision to pay a $200,000 fee because we believed it was the necessary approach to best serve the interests of County residents and employees,” the statement said. “We felt strongly that this was necessary to prevent the publication of county data and give some peace of mind to our residents.”
According to county officials, most of the payment came from county reserve funds, while insurance covered a small portion. Officials said the payment did not affect operations, payroll, pending projects or the county’s 2026 budget.
Officials said the county is restoring systems from existing county backups. Most county systems are operational, according to the statement, and steps have been taken to strengthen system security.
The May 13 attack forced several county offices to close temporarily or operate manually while the county worked to recover its systems. The affected offices included the Tax Commissioner’s Office, Tax Assessors’ Office, Probate Court, Juvenile Court and the Murray County Sheriff’s Office.
The attack was first discovered shortly after 3 a.m. on May 13, when county IT personnel were notified after critical law enforcement software went down. County officials previously said the network was taken offline to prevent further access.
The Federal Bureau of Investigation was notified, officials previously said.
In general terms, officials described how ransomware groups often operate, saying such groups may exploit system vulnerabilities, copy data, encrypt computer systems and backups, then demand payment in exchange for a decryption key and a promise not to publish stolen information.
County officials have not publicly identified the hacking group responsible for the attack, the specific method used to access the county network or what data, if any, was taken.
Sole Commissioner Noah Bishop told the Times attacks of this kind are “very, very, very common,” and said he understands Gilmer County was hit by a similar malware attack last year.
Bishop said the payment will not affect property taxes.
He also praised the county’s IT department, specifically naming Jay Choate, Ethan Bridges and Aaron Phillips.
“I can’t say enough about our IT team,” Bishop said. “They put in a lot of hours.”
Sheriff Jimmy Davenport previously told the Times his office was handwriting reports, jail bookings and releases while county systems were down.
“We are still servicing the community in every way,” Davenport said at the time, describing handwriting as a “failsafe backup” until the county’s servers were back online.
County officials stated Thursday the incident illustrates the ongoing threat criminal actors pose to computer network systems.
“We want to assure the citizens of Murray County that aggressive measures have been and will continue to be taken to minimize the risk of a similar event occurring again in Murray County,” the statement said. “We extend our appreciation to our fellow elected officials and the public for its support and patience during this incident.”
Click Here For The Original Source.
