Rocky Mount officials encourage residents to change, secure their passwords after cyber attack
Posted September 2, 2020 8:36 a.m. EDT
Updated September 2, 2020 5:09 p.m. EDT
Rocky Mount, N.C. — Rocky Mount officials said that their city online system was the victim of a ransomware attack.
The problem emerged about three weeks ago and forced residents to pay of all their city bills in person.
At this time, 95% of the network is restored, city officials said in a press conference on Wednesday morning. Some new computers had to be ordered as a result of the attack.
Those behind the cyber attack demanded ransom, and after consultation with the FBI, Rocky Mount officials did not give them ransom.
The hackers demanded Bitcoin payment in return for a tool that would decrypt files that were stolen from the city database and then encrypted, officials said. Law enforcement do not know specifically "who the threat actor is."
“We had a call from police personnel not being able to access the network," said Amy Staton, the city's finance director. "They quickly called out technology team who confirmed that they could not access the systems as well.
"This particular virus spread quickly, within seconds within three seconds of someone signing in, they can encrypt their computer."
Officials also do not know what files were compromised from the attack. As a result, the city has set up a third-party call center and free credit monitoring in case residents' personal information has been breached.
Law enforcement officials encouraged residents to change the passwords they used for their city billing accounts and to not use the old passwords on any of their other personal accounts.
City officials have not confirmed that passwords were compromised in the cyber attack, but are still encouraging residents to change their passwords.
"Components of the network have been restored gradually since August 14," Staton said. "At this time, 95% of the network is restored, 80% of business applications are operational ,some city employees have computers that have been encrypted and cannot be restored."
Sandy Roberson, mayor of Rocky Mount, said that there is no indication that the city was targeted by this hack.
“It’s not a fun process to go through, but it’s safe to say in this particular case, all the right protocols were in place as far as getting back up on line,” Roberson said.
The city said its system will be operational by the end of the week.
Rocky Mount does not have a chief technology officer on staff, but officials say they hope to hire one soon.
"Since discovering the attack, the city has dedicated all its resources and worked around the clock to determine the full extent of the event and to implement additional security measures to secure city systems during the recovery process," a statement from city officials said.