Ransomware law prevents N.C. government agencies from paying hackers
WILMINGTON, N.C. (WECT) - Ransomware is a type of cyberattack that can cripple the ability of industries, utilities, and even government agencies to access their entire digital networks. Hackers gain access to a network in any number of ways, encrypt an entity’s files, and demand a ransom before providing the encryption key. In North Carolina, attacks on governmental entities have become a more common threat, but now, due to a new law, government agencies won’t be able to pay those ransoms.
Attacks are becoming more common, according to a report by the North Carolina Department of Information Technology.
“No State agency or local government entity shall submit payment or otherwise communicate with an entity that has engaged in a cybersecurity incident on an information technology system by encrypting data and then subsequently offering to decrypt that data in exchange for a ransom payment,” the law reads.
This means getting data back is not as easy as paying the hackers for that encryption key, and in North Carolina, attacks are not uncommon.
“From 2016 to 2019, local governments, community colleges and public school systems in North Carolina reported 17 ransomware attacks of varying degrees to the N.C. Department of Information Technology. In 2020, alone, NCDIT received the same number of reports. Of the 34 attacks since 2016, city or county government entities reported 31 of them,” according to the report from NCDIT.
For one local lawmaker, forbidding payment to criminals might be a hindrance for those attacked, but it’s a place to start fighting back.
“As frustrating as it is to have hackers interfere with systems or data, the only way to stop or lessen such occurrence is not to reward the wrongdoers. The hope is that by taking the profit motive out of such criminal behavior, we can discourage it from happening. I am hopeful that all municipalities take care to build in redundancies and to install state of the art firewalls to protect their vital data,” Representative Deb Butler said.
In New Hanover County there have been at least 6 ransomware attacks on governmental networks as of 2017.
The attack on the Colonial Pipeline in 2021 showed just how vulnerable systems are and how critical infrastructure can be brought to its knees with one wrong click by an employee.
Matthew Coleman is the Marketing Director for Atlantic Computer Services, a Wilmington-based company that provides IT services, including help protecting businesses from cyberattacks. He says most people have the wrong idea about hackers and how these nefarious actors get into a system or network. Often it comes down to human error, or a lack of knowledge and education about keeping malicious software out of a system.
“One of the primary ways that ransomware attacks make their way into a business is almost always through email. So phishing attempts, spam, emails, things that come out like that, the stereotype of the hooded attackers sitting over his computer desk, and the dark basement … it’s a misnomer. It’s more about bots and automation, email campaigns that go out and basically like someone walking through a neighborhood and just checking doors on houses until they find one that’s open,” Coleman said.
Paying a ransom is often an easy way for businesses or governments to get their data back, but it’s not recommended.
“The FBI does not support paying a ransom in response to a ransomware attack. Paying a ransom doesn’t guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity,” according to the FBI.
Copyright 2022 WECT. All rights reserved.