The Washington County Board of Commissioners voted to pay a nearly $350,000 ransom after a January cyberattack shut down several county services.
In a 2-1 decision on Thursday, the board of commissioners approved the allocation of up to $400,000 to cover the nearly $350,000 ransom payment and approximately $20,000 for the expenses of hiring a company to process the payment.
Gary Sweat, the county’s solicitor said that the meetings qualified as emergency sessions under the Sunshine Act. In the end, the county decided to proceed to pay the ransom.
The decisive vote occurred during an emergency meeting on Feb. 6, prompted by the looming deadline to pay the ransom to the purported Russian criminals. The county faced a critical choice: to make the payment or not before the 3:30 p.m. cutoff on Feb. 6.
“Foreign cybercriminals were able to seize control of the county’s network, basically paralyzing all of the county’s operations,” Sweat explained. “The attack was unprecedented. I think it’s safe to say no one at this table has ever encountered or experienced such a cyber incident.”
The suburb of Pittsburgh first detected a breach on Jan. 19, which escalated into a full-scale ransomware attack five days later. On Feb. 5, the digital forensics firm Sylint verified the hackers had stolen significant quantities of confidential data, encompassing details about minors involved in the court system.
“While paying the ransom was not the county’s first choice, we decided that after weighing all factors, it was the best approach,” Sweat said.
Sweat revealed that the county hired DigitalMint, a cryptocurrency company based in Chicago, to manage a payment of $346,687 to the alleged Russian hackers, with DigitalMint adding a service fee of $19,313.
The FBI advises against paying ransomware demands because there’s no guarantee the attackers will restore access to encrypted data. Plus, there’s the concern that fulfilling their demands encourages further attacks elsewhere.
Commissioner Larry Maggi voted against the transaction.
“I find this repugnant that we are giving into cyber criminals,” Maggi said. “We can’t live in fear, my goodness! Home of the brave… we are living in fear of Russia!”