2023-04-24 and 2023-05-02 San Bernardino County Ransomware Emails

From: last. Dau 40) Tor 0S — al Superverrs ans chi af st ce Herindes, Leonard ~ C80; Rurcles, Dare; liars, Pavel; Guomar-Hurtaro, Martha Subject: dia Acti She TPS IT Date: Nene, spe 24, 2029 4995 ‘Attachments: San Sarrardro County Gris Department sus dow bert syste follorg recent ciberatad:~ BCP [osamelanct mageLng Board Members, The attached ABC7 story (video here: brtpsy//abe7.com/san-bemardino-cvberattack-ransomware- hyperlink/12.176620/ is the first media account to reportthat this wasa cyberattack, thet it was ransomware, and/orthat it was likely activated by an employee clicking ona link in an email. This story will probably lead to additional media inquirias to the Sheriff and to us. Our response will continue to be that this wasa network disruption that is under investigation. ‘\s0, Beau Var brough/Southern Califomia News Group has asked when the Sheriff's Department broke off fromthe County's IT and formed heir own, and whether this was discussed during a Board mesting. Prelirminary research indicates this likely occurred about 20 years ago, and no information on the process by which this occurred has been located yet. We will keep you informed onthis. Please let me know if you have any questions, Thank you, David David wert Public nfarmation Officer alforia 25N Reomentere, Fith For San Boraidine CABB4I5 0129 SAN BERNARDINO COUNTY (Our job is to ereate 9 county in whieh those who resicle and invest can prosper and achieve well-being. wow SBCouney gov ORE424123, 8:40 AM San Bomardino Courty Sherif's Department shuts dew internet systoms folloring recent cyborattack -ABCT Los Angeles San Bernardino County Sheriff's Department shuts down internet systems following recent cyberattack g By Rob McMillen a ‘Sunday, April 23, 2023 4:19PM The San Bernardino County Sheriff's Department has shut down systems such as email and internet following a recent cyberattack hitpsbc7.comisan-bemardine-oyberattackransomware-nyportinl/ 1817882014724123, 840.88 ‘San Bernardino County Sherif's Department shuts down Intemet systems following recent cyberaltack - ABCT Los Angeles SAN BERNARDINO (KABC) -- More than two weeks after the San Bernardino County Sheriff's Department was hit with a cyberattack, the department is still working to get all of its systems back online. Multiple sources have told Eyewitness News that the hack likely started after someone clicked a hyperlink that was malicious, and that suddenly enerypted many of the department's systems. ‘The sheriff's department was able to recover the data, but cut of precaution they shut down most of its systems, including email, internet and many computers in the department's vehicles just to make sure there were no more security threats. The new protocols have forced deputies to do things the old-fashioned way, like calling or radioing dispatch to run license plates or get information on a suspect's background. “Public safety operations have not been affected,” the department said in a statement. "Deputies are able to run backgrounds on people and are still getting dispatched to calls. The county is conducting a forensics investigation to achieve a complete understanding of any impact to our operations before we fully use the system." County officials did not s kinds of attacks are becoming more and more common. if they paid any kind of ransom, but experts say these Phe cost is pretty brutal, not just to financial - but in the case of law enforcement - it's the agency, the people they are serving," said Vivek Bhandari of Titanium, an organization that helps organizations keep their systems secure. "In the hospitals, sometimes it can impact patient care and we've seen that." Bhandari says the bottom line for eyber safety is to pay close to attention to what you click on in an email. "Phishing attacks are very common ways for attackers to get in. You get a user to open a file, because, hey, here's a picture of your kid, or a picture from the get ntps:fabe7 comisan-bemarcino-cyberattack-ransemware-hyperink/13176520) 212423, 840 004 ‘San Bernardino Caunty Sher’ Department shuts down Interet systems following recent cyberetack- ABCT Los Angeles together last week. Something that will get someone to open an attachment or click on a link is a common technique," Bhandari said.From: ect Dawid (CHO) Te OSA Suncriccs BOS Chin of Stal ce: Hauaclee Leena CAO; Wiliams. Pamala GuamanHudado, Martin Subject: Hsia Response/SherifPs IT Date: “Tuesday, May 2, 2023 2:00:53 Pt ‘Attachments: imagstOLona Board Members, Brian Rokos with the Scuthern California News Group last night asked the County if a ransom had been demanded, ifso, how much, and whether the County intends to pay. He had been referred to us by Sheriff Dicus. In response, | will provide him with the response be |ow, [JAaManaaan rae soon This will be the first official confirmation to the news media that this has been a ransomware incident. ‘The network disruption within the Sheriff's Department was the result of ransomware that infected portions of the department's information technology system. ‘The County had prepared for the possibility of such an incident by securing appropriate insurance coverage. After negotiating with the responsible party, the insurance carrier and the County agreed +to.8 payment to restore the system's full functionality and secure any data involved in the breach. Insurance covers most of the payment. The County's share is $511,852. The decision whether to render payment was the subject of careful consideration, On balance, and consistent with how other agencies have handled these types of situations, this was determined to be the responsible course, AAs part of its ongoing criminal investigation, the Sheriff's Department is conducting a forensic ‘examination to achieve a full understanding of the incident, the findings of which will benefit all public agencies looking to avoid a similar occurrence. ‘At no time did this incident comprom'se public safety or the Sheriff's Department's ability to carry ‘out its duties. No other systems within the County organization have been affected. Additional information on this matter cannot be disclosed at this time in light of the ongoing criminal investigation. Please let me know if you have any questions. Thank you, David David WertPublic information Officer Sen Bectuing County, caotcia Pron EN Fith Flor Ban Eematdine CADIS 0129 COUNTY Our job is to ereate @ county in which those viho resicle and invest ean prosper and achieve well-being. wun SBCounty.gov

2023-04-24 and 2023-05-02 San Bernardino County Ransomware Emails

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

2023-04-24 and 2023-05-02 San Bernardino County Ransomware Emails

Uploaded by

Copyright:

Available Formats

You might also like