A borough and a town in Alaska have been hit by a devastating ransomware attack, forcing employees to completely forego computers and go back to typewriters and hand receipts.
Matanuska-Susitna (Mat-Su), a borough in the Anchorage Metropolitan Statistical Area, has declared disaster on Tuesday after being hit by several different strains of malware that crippled its computer infrastructure, including computers, servers, telephones and email exchange. The city of Valdez, Alaska, has also been hit by the malware attack.
“The cyber-attack has caused major disruption in Borough services and loss of productivity, which may continue for a prolonged time,” Assembly Member Ted Leonard said at a Mat-Su Assembly meeting Tuesday.
According to a report by Mat-Su borough’s IT Director Eric Wyatt, the attack was “multi-pronged, multi-vectored”, its components including the Emotet trojan horse, BitPaymer ransomware and an actual hacker logging into the borough’s network.
Some of the malware was dormant on the borough’s computers since as early as May 3, the report said, but the attack culminated on July 23, when the crypto locker portion of the malware started encrypting the drives of computers on the network. All in all, nearly all of the borough’s 500 workstations and 120 out of 150 servers were affected. According to the report, this was a zero-day attack, meaning that it used exploits that were never seen before.
To give you an idea of the damage this type of attack can do on a city’s infrastructure, here are some of the services that were affected: pool, libraries, animal care, landfill, collections, as well as a number of web services such as e-commerce. The Mat-Su government said Monday that “most data” was not lost to the cyber attack.
“Without computers and files, Borough employees acted resourcefully. They re-enlisted typewriters from closets, and wrote by hand receipts and lists of library book patrons and landfill fees at some of the 73 different buildings,” Public Affairs Director at Mat-Su Patty Sullivan wrote in a post last week.
The BitPaymer ransomware made headlines in August 2017, when it hit several Scottish hospitals, causing delays and cancellations in procedures and appointments. Upon infection, it encrypts many of the files it finds, asking a cryptocurrency payment in order to unlock them.
Both the Mat-Su borough and the city of Valdez are cooperating with the FBI in restoring their services and investigating the attack, officials said.