After the internal network of Jackson County, Georgia was infected with ransomware on March 1, the county paid the threat actors a ransom of $400,000 to receive a decryption key.
When the ransomware attack locked county personnel out of their systems, causing all of them to go down except for the 911 emergency system and the county website, a cybersecurity company was hired to negotiate with the attackers. Eventually the county decided to pay because, according to Jackson County Manager Kevin Poe, the county “could have literally been down months and months and spent as much or more money trying to get our system rebuilt.”
It is believed that Ryuk ransomware was used in the attack. Ryuk is a notorious strain that is mostly used in targeted attacks on large organizations.
Read more: Georgia county pays a whopping $400,000 to get rid of a ransomware infection