A severe, multi-pronged cyber attack struck a borough of Alaska last week, crippling the town’s ability to use its computers and process payments for government services, and forcing its employees to go back to using paper receipts.
“This is a very insidious, very well-organized attack,” Matanuska-Susitna (Mat-Su) borough’s IT director Eric Wyatt said in a press release. “It’s not a kid in his mom’s basement. Because we are getting the information out and sharing it with other entities, hopefully they can weather the storm.”
It sounds like a return to a simpler, more analog time, but in reality, it is a major pain in the ass. An update from the borough on July 24 gives an idea of what, exactly, the town is coping with: At the landfill, staff is manually tracking scale weight and fees. The pool and libraries are taking cash and check payments only. The animal care facility’s computers are down (but hey, you can still adopt a cat). Five hundred borough workstations and 120 out of 150 servers were affected.
Wyatt released a report on the incident, which outlines the type and severity of the zero-day attack: It involved multi-pronged, multi-vectored malware, including the Trojan horse Emotet and the crypto-locker ransomware BitPaymer. Parts of the attack may have been lying dormant since May, but on July 23, the crypto-locker component started encrypting the drives of computers on the network, rendering them useless.
According to Mashable, the town is still trying to get back online, and is working with the FBI to recover services and figure out what exactly happened. Full recovery could take weeks, while it could be years before the FBI recovers the keys for data that was encrypted.
At an assembly meeting Tuesday night, Mat-Su resident Kurt Bunker, an IT consultant, gave testimony on the recovery efforts. “I think your IT teams have done a wonderful job. Everybody’s very exhausted,” he said. “I’m mumbling because I’m beyond exhaustion for the last six days. I think everybody needs a pat on the back and some encouragement and this is going to be a long journey to recover… This is cyber crime and this is the future that we are dealing with.”