Skip to main content
You are the owner of this article.
You have permission to edit this article.
Supervisors approve investigation into cyber attack that compromised 3,700 county files

Supervisors approve investigation into cyber attack that compromised 3,700 county files

Woodbury County Courthouse

The Woodbury County Courthouse, which opened in March 1918 at 620 Douglas St., houses courtrooms and most county departments.

SIOUX CITY | In the wake of a cyber attack last month that compromised about 3,700 Woodbury County files, the board of supervisors on Tuesday moved to retain a national firm to conduct a forensic investigation into the email assault.

The board voted 5-0 to work with BakerHostetler, a large Cleveland-based law firm that conducts data security incident response investigations.

Human resources director Ed Gilliland said Tuesday that the source of the July 20 cyber attack was ransomware that came through an email message. Ransomware is software that locks down files on a computer and then demands a payment, or "ransom," for their release. 

Gilliland said since the Woodbury County Information Communication Committee (WCICC) backs up files each night, nothing was lost. Any emails requesting ransom for the files have since been deleted.

"From the preliminary work with them and looking at the type of ransomware, there's an over 99 percent chance that there's no issues at all," Gilliland said. "But it's a really good, prudent move."

Gilliland said the investigation will help determine which specific files were hit and whether there will be any long-lasting implications. Services will be covered by the county's cyber liability insurance, which he said has a $10,000 deductible and coverage up to $3 million. 

"It will cover everything, with a minimal amount of financial involvement," Gilliland said. "Worst case, we will pay $10,000 if things didn't go as we thought."

John Malloy, information technologies director for the city and the county, said the attack was the first ransomware attack on the county's system. Malloy said staff has a "high degree of confidence" which files were hit by the attack.

In all, he said since the county has millions of files, county staff's ability to identify the ransomware early on helped. 

"Not to minimize what happened, but we have millions of files on our file storage," he said. "My team did a great job mitigating the risk."

Board of Supervisors Chairman Jeremy Taylor on Tuesday said the attack's limited damage showed how secure the county's data is under the Woodbury County Information Communication Committee.

"Anytime there's an attack, that's never a good thing," Taylor said. "But they were able to almost instantaneously stop the attack on our system, quarantine the problem on our system, and move forward with the safety and security of our system."

Gilliland said county staff had begun cyber security training during the summer to show employees what to look for. 


Be the first to know

* I understand and agree that registration on or use of this site constitutes agreement to its user agreement and privacy policy.

Related to this story

Get up-to-the-minute news sent straight to your device.


News Alerts

Breaking News