Jackson County says phishing email caused ransomware attack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

KANSAS CITY, Mo. — Hackers were able to gain access to Jackson County’s network through a link in a phishing email, the county announced on Thursday.

The ransomware attack has kept county workers from operating as normal for three days and mostly without answers.

“This is not how a government should be run specifically a county situation,” said Jackson County Legislator Manny Abarca. “So this is a true failure of leadership here.”

One of his specific concerns is about the county’s payroll process.

“That means you’re at home trying to input payroll from employees you can’t necessarily talk to, I mean this is a mess right now,” he said.

County workers are scheduled to be paid next Friday. According to Abarca, some of the employees have to enter their time by Friday.

“I heard from the county administrator about that. He says that he believes it will be OK, if not, then there will be a forced override, but then that creates more potential problems,” he said.

Representatives from the American Federation of State, County and Municipal Employees told FOX4 that they have not been alerted to any payroll disruptions as of Thursday afternoon.

The county said that the link “facilitated unauthorized access by the ransomware variant to limited sections of our network.”

The county confirmed to FOX4 that the election on Tuesday was not impacted by the attack.

As the week continues, Abarca has more questions abut how the county will continue to operate.

“We saw an internal email that said look, get back to a point where you were IT-less, how do we make those functions work again? And that was from the county administrator. It blows my mind that this is the solution-oriented focus that we’re hearing from the administrative side,” he said.

Abarca is trying “to understand what we’re doing to combat it. How deep are these problems? Are we up for ransom right now? What is that for? What are we looking to expose? These are serious questions that no one has answers to,” he said. “I have not seen a failure like this and the lack of engagement and response. Not to say that people aren’t working, I’m sure they are, but for the elected leadership, we should be aware of these things too and we’re not.”

The problems due to the attack extend from the county courthouse to the detention center, where phone lines are down, and their elevators have not been working.

“There’s four elevators used to transport inmates, there’s only one that’s functioning slightly right now,” Todd Copley, president of AFSCME Council 61 said.

The elevators have been an issue for months according to Copley, but the issue has been made worse by the ransomware attack.

He’s worried about the safety of employees.

“There’s a 71-year-old employee that works on the 6th floor of the jail. He’s expected to climb six flights of stairs every day: lunch, breaks, going to work and coming back.” More than that, he said that he’s worried about safety in case of an emergency. “God forbid if somebody were to get hurt, a nurse has to climb all those stairs,” Copley said. “Even worse if a nurse gets trapped on a floor. To me it sounds like they’re running out of band-aids. I mean, how many Band-Aids are you going to put on this before someone gets hurt.”


Click Here For The Original Source.


National Cyber Security