Here's what it looks like when ransomware attacks victimize rural communities:
therecord.media/when-ransomwar…
I got into my hometown for a visit just as the County next door was the victim of a ransomware attack that paralyzed its systems and left some services offline for weeks—so I covered it on the ground, seeing how the local government and the community responded.
Westmoreland, Kansas is the seat of Pottawatomie County and home to around 750 of its 25,000 residents. It's an Oregon trail town, but in recent weeks it was the site of another modern migration—this one of data, stolen from the County’s computers by cybercriminals .
How the county and community reacted highlights the complicated economic, financial, and social factors at play when local government systems are compromised—including just how much information is at stake and how such attacks should be disclosed to the communities they serve.
Pottawatomie County discovered the attack on September 17 and it ultimately paid the attackers off—but not the full amount. The attackers originally demanded $1 million, but settled for $71,250 after what the county calls “a successful negotiation."
It’s hard to say just how many counties have been held hostage by ransomware, in part because disclosure may not be required unless the breach affects certain protected kinds of information such as health data.
But MS-ISAC, an intelligence sharing group for state, local, tribal, and territorial governments with more than 2,500 members, said it detected 255 “ransomware incidents” across entities using their monitoring services from January through July of this year
Counties with smaller populations, in particular, can be key lifelines to residents that may be protecting everything from health records to industrial systems that control utilities like water—often while facing similar risks to their urban counterparts, but with fewer resources
National Association of Counties Chief Information Officer Rita Reynolds toe me defense often comes down to having those resources. “It’s whether or not they are equipped—if they have the right tools and people to protect the perimeter,” she said.
But even with defenses, ransomware attacks now seem like an inevitability to some.

“It’s not a matter of if, it’s when,” said William Johnson, the County Administrator of Butler—another rural Kansas county which was the victim of a ransomware attack in 2017.
Cybersecurity insurance with coverage for digital ransoms is key for counties trying to protect themselves, but also sets up incentives that seem at odds with the FBI's guidance not to pay off attackers because it funds further cybercrime.
A month after the attack was discovered, Pottawatomie says its systems are recovered, but the full scope of the information compromised in the attack, the full recovery costs, and many other details are still unclear.
County officials appeared suspicious of me during reporting—which was understandable given the circumstances—but the lack of transparency led many I spoke to complain that the government was trying to keep things "hush, hush" or "sweep it under the rug"
The silence of some victimized counties can also make it harder for the sector to get the resources they need to protect themselves, experts told me.
cc @Longreads???

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Andrea Peterson

Andrea Peterson Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @kansasalps

16 Oct
It’s the anniversary of when a small band of people tried to start a revolution to end the horror of slavery in a raid on Harpers Ferry. This is mostly known as John Brown’s raid. But I want to talk about Osborne Perry Anderson, the raiding party’s sole Black survivor.
Anderson escaped the raid and even worked with pioneering Black female publisher and lawyer Mary Ann Shadd Cary to release a first-hand account of the event, which you can read here: archive.org/details/voicef…
Both Anderson and Shadd Cary, along with many other Black luminaries, were buried at Columbian Harmony Cemetery in Washington, DC.

Their original resting place is now the site of the Rhode Island Metro Stop.
Read 8 tweets
15 Oct
I woke up a little too early, so went roaming ImageImageImage
Encountered some ruins ImageImageImage
Made some friends, just in time for the sun to make her appearance ImageImageImage
Read 7 tweets
20 Aug
My first reported feature for @therecord_media is a complicated story about the community and compliance issues I encountered penetration testing mask policies at Hacker Summer Camp
therecord.media/fear-and-covid…
It’s not just an exploration of how well the masking rules were followed or enforced in Vegas, but my own identity as a hacker and how it compels me to use journalism to report on public safety issues—like mass travel and gatherings in a delta variant hotspot.
The Union that reps workers at the conference venues told me 146 members or their immediate families have died and 1,508 have been hospitalized due to COVID-19 since March 1, 2020.
Read 18 tweets
11 Apr 19
NEW @POGOBlog investigation out with @arstechnica about how industry influence at the FCC is compromising the security of our communications: arstechnica.com/features/2019/…

GET READY FOR A THREAD!
When major phone outages hit big cities including LA and DC in the early ‘90s, glitches in SS7, part of telephone software infrastructure, were to blame. But part of the supposed solution, a tech experts group chartered to advise the FCC called CSRIC, is now part of the problem.
As new innovation sped up, expertise within the FCC struggled to keep up and became more and more reliant on CSRIC for troubleshooting. But CSRIC’s membership is heavily skewed towards industry.
Read 14 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

:(