FBI investigates cyberattack that forced Hinds County government offices to close

Charlie Drape, Mississippi Clarion-Ledger
Updated ·3 min read

A cyberattack has forced government offices in Hinds County to be closed, and criminals are demanding a ransom to get their computers back.

More: Cybersecurity issue prompts computer shutdowns at MS casino, other MGM Resorts properties

The ransomware attack was first reported on Sept. 7 by Hinds County administrator Kenny Wayne Jones. Hinds County government offices were forced to close last Thursday and Friday due to employees not being able to access their computers. Jones was not immediately available for a comment.

A ransomware attack "is a form of malware designed to encrypt files on a device, rendering them and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption," according to the Cybersecurity and Infrastructure Security Agency's website. The agency is a part of the United States Department of Homeland Security and is responsible for cybersecurity and infrastructure security for the government.

It is not known how much money the criminals are asking for, nor who is responsible for the attack. The county has not been in contact with the criminals, but called the Federal Bureau of Investigation, who is the lead agency investigating. U.S. Homeland Security is also investigating.

Charles Walter, an associate professor of computer and information science at Ole Miss, explained that usually cybercriminals exploit a weakness in a computer server or trick someone into giving them access by impersonation.

"Once they're able to get code running on a system either through social engineering or through a more traditional cyberattack, they run code that encrypts all the files on the system making it so no outside person can get access to those files," Walter said. "Once that is completed, often times they will try and use another exploit to try and get on other machines in the system. Or they will go to the server itself where you are storing all your data and try to encrypt there.

Once it's been encrypted, the cybercriminals will indicate to the user that the files have been encrypted. Access to the data will no longer be available to the user until a ransom is paid. Once paid, the criminals will send a code to decrypt the files.

Walter said these attacks aren't the most common of cyberattacks, but are becoming more and more common. He said cybercriminals can be successful in extorting the ransom if the value of the data is worth the money.

"If you're a hospital as an example, a couple thousand dollars would be worth it to get all your patient data back, to get all your systems working to make sure you're able to save people's lives," Walter said. "Some cybercriminals can ask for significantly more money and in those cases its better to reset all your systems, go to a backup of all the data you have and try to recover it that way."

The Hinds County Tax Collector's Office was closed Monday, while the Hinds County Circuit Clerk's office has canceled jury duty for this week.

Hinds County District 1 Supervisor Robert Graham shared little details on the attack, but said he was hopeful for a speedy resolution.

"There's not very much that I'm at liberty to say. We are working on it 24 hours a day," Graham said.

This article originally appeared on Mississippi Clarion Ledger: Hinds County offices closed due to cyberattack, criminals demand ransom