Bucks County 911 system ransomeware attack costly despite not paying cyber terrorists

Peg Quann, Bucks County Courier Times
Updated ·2 min read

Bucks County did not negotiate or pay any ransom to cyber terrorists who took down the county Emergency Communications Department's computer-aided dispatch system Jan. 21, but the attack was nonetheless costly.

And while the system is back up and running, work is continuing to restore it fully.

The county commissioners authorized a payment of $375,000 Wednesday to CRA International Inc. of Boston for "cybersecurity, forensic remediation, and eDiscovery services," with the contract running through January 2027. The county should be reimbursed by insurance, officials said.

The Emergency Communications Center at the Bucks County Emergency Services Center in Ivyland was hit by a ransomware attack Jan. 21.
The Emergency Communications Center at the Bucks County Emergency Services Center in Ivyland was hit by a ransomware attack Jan. 21.

The commissioners also approved $197,925 to purchase cyber security software from CDW Government  LLC, an Illinois company, and authorized ongoing payments of $1,000 per hour plus expenses to DLA Piper LLP for legal services in regard to the attack.

“The CAD took the county two years to build, and when a cyber attack took it offline our team put the system back together in just nine days,” said Commissioner Chair Diane Ellis-Marseglia in a prepared statement. “We’ve still got more rebuilding to do, but we’re immensely proud of the work our staff has done so far, and we’re incredibly thankful for the assistance of our partner agencies and cybersecurity vendors.”

The county identified a ransomware called "Akira" in the attack.

More: Bucks County has identified culprits in cyber security attack. What we know

While the 911 system kept working, not having the CAD system meant that dispatchers couldn't keep notes on their computers and firefighters had to use pagers rather than get alerts on their cellphones.

Bucks County doesn't pay in ransomeware attack

"It was really scary," said Commissioner Gene DiGirolamo said at the commissioners' meeting. "You say it would never happen here but it did.

"... We didn't pay them any money," he said of the cyber criminals.

He thanked the multiple county employees who worked around the clock to resolve the issue, as well as experts from the FBI, Department of Homeland Security, state police and Pennsylvania National Guard, assisted by the contracted private cybersecurity experts.

Forensic investigations found no evidence that data was copied or extracted from the CAD system, said county spoksesman James O'Malley. The county declined to say if any arrests had been made. The investigation is continuing.

The attack was unrelated to a cyber attack over the weekend on the Pennsylvania Courts, county officials said.

This article originally appeared on Bucks County Courier Times: Bucks County doesn't pay in 'Akira' cyber attack; system recovered