The county, in a statement released to the media Wednesday, confirmed it discovered a malware affecting “certain systems.” The infection occurred last week and prompted the county to shut down its system for about three days, according to Mobile County Commissioner Connie Hudson.
“We shut them down in order to contain the matter and securely restore those systems,” said Sharee Broussard, a spokeswoman for the county. “Mobile County systems are operational. We are working closely with federal and other law enforcement and IT specialists.”
Broussard declined to say which specific systems were affected.
The cyber attack in Mobile County comes amid the high-profile ransomware attacks that disrupted operations this week at meat production companies in North America and Australia. Authorities are investigating whether those attacks were led by organized criminal groups based in Russia.
Those cyber attacks followed one last month by a group with ties to Russia on Colonial Pipeline, the largest fuel pipeline in the U.S. That attack crippled fuel delivery in portions of the Southeast for several days, and sent gas prices rising in Alabama and beyond.
Colonial Pipeline paid the hackers $4.4 million as a ransom for the May 7 cyber attack.
Cyber attacks on local governments in Alabama are not unheard of. Almost exactly one year ago, the city of Florence paid over a quarter of a million dollars to cyber criminals to recover data encrypted in a ransomware attack. Florence was victimized by the DoppelPamer ransomware gang during a June 5 attack that forced the city to shut down its email system. The gang demanded 38 bitcoin, or $378,000, and threatened to publish or sell data stolen from Florence if the city didn’t pay up.
The payment came from the city’s insurance fund.
According to media reports, Florence city leaders agreed to work with the cybersecurity firm, Arete Advisors, shortly after getting the cyber threat warning. Arete recommended paying the ransom, saying that the hackers had a reputation for not attacking a system or releasing information any longer once a ransom is paid.
In 2019, DCH Health System paid an undisclosed sum to the attackers who perpetrated a ransomware attack on its three hospitals in Tuscaloosa, Fayette and Northport. That attack forced the hospital to shut down for 10 days during the month of October, and led to four patients filing class-action lawsuits claiming their medical privacy rights had been violated and medical care was disrupted.
©2021 Advance Local Media LLC. Distributed by Tribune Content Agency, LLC.