Work continued Monday to restore computers that were disabled last week by a cyberattack on Stanislaus County’s Behavioral Health and Recovery Services department.
Information technology staff worked over the weekend and, by Monday morning, 10 computers were back online with access to electronic health records, a county spokeswoman said. About 70 percent of the computers were able to perform some of their normal operations, but it will likely take the rest of the week to restore all the functions, county officials said
About 500 computers in multiple locations were infected by the ransomware last Tuesday. The hackers made demands for four bitcoins to unlock the department’s computers. The value of four bitcoins was in the $65,000 to $70,000 range last week.
In an update Monday, county spokeswoman Amy Vickery said that technical staff worked to restore computers at the behavioral health offices on Scenic Drive and North Ninth Street in Modesto. The process involves cleansing the computers of the malicious software and then bringing them back to operating capacity with the programs they use.
Digital Access for only $0.99
For the most comprehensive local coverage, subscribe today.
Staff members were told not to plug devices into their computers. “Not all of the computers are up and running,” Vickery said.
County Chief Executive Officer Jody Hayes said the county has not discovered how the computer hackers broke into the system at BHRS or where the cyberattack originated. “Our primary focus is bringing up the systems in a safe and clean manner and then looking toward the investigation side,” Hayes said.
The CEO said there was no evidence the hackers gained access to the personal information of BHRS clients.
Hayes had no cost estimate for restoring function to hundreds of computers. The county did not consider paying the ransom, as some schools, hospitals and private companies in the United States have done to keep from losing data or from making expensive repairs.
“We perform routine computer backups and those backups allow us to restore our computer systems,” Hayes said. “Should someone decide to interrupt county services, we are not going to pay a ransom.”
The behavioral health offices continued to serve the public, using old-fashioned paperwork for client intake. The county will assess what happened with the cyberattack and make any security improvements that are necessary, Hayes said.
In November, a computer virus shut down essential services at Modesto City Schools, forcing staff and students to stay off their devices until the school district’s technology team restored services.
In September 2011, a city of Oakdale finance department employee was the victim of an e-mail scam called “phishing,” which enabled cybercrooks to obtain city data and steal $118,700 from a city checking account. An insurance carrier reimbursed the city for the loss, minus a $2,500 deductible.
Ken Carlson: 209-578-2321, @KenCarlson16