A ransomware attack on the government of Somerset County in New Jersey halted email communications and forced staff to resort to paper records for some services.
In a notice posted to its news site on May 24, county officials said a ransomware infection crippled its email system, and forced a Board of Commissioners meeting to be postponed.
Phone lines and emergency 911 communications were unaffected, officials said.
“With the exception of email, the county is performing most normal functions. That said, we have activated our Emergency Operations Center and our Continuity of Operations of Government Plan,” said County Administrator Colleen Mahr. “It is our assumption that this situation will remain in effect at least for the rest of the week.”
The next day, Somerset said county offices and buildings remained open for business as investigators evaluate the severity of the attack. The updated notice revealed that “network-linked computers remain turned off, and county emails cannot be received or responded to by county personnel.”
It also revealed that clerk and surrogate services that depend on access to county databases remained unavailable, while title searches were possible only on paper records dated before 1977.
It is unclear which ransomware group or strain is responsible for the infection, and the county hasn’t revealed the extortionists’ demands. It is also unclear if any citizen records were copied for use in subsequent fraud, as is common in such attacks.
“We are working hard to ensure vital services the public depends on continue to be delivered, such as recycling, road maintenance, and transportation for seniors,” county administrator Mahr said in the updated notice. “We have an outstanding IT department that is working around the clock to evaluate our situation, prevent further damage, and ultimately recover.”
As of now, the County Clerk’s office is still unable to provide some services that require internet access.