Orange County came to a halt early Monday morning when an encryption virus was found in its network.
Todd McGee, community relations director for Orange County, said the virus was discovered around 1:30 a.m., and it shut down almost any activity involving a county computer.
“Anything that required someone to go into a computer to check the status of something has basically ground to halt,” McGee said.
The Orange County Sheriff’s Office was affected, but no critical services were jeopardized. Of the various computers affected across the county, less than 10 percent were in the sheriff’s office.
McGee said they’re making progress and have identified the virus. Now, the county’s IT department is looking through every system, laptop and desktop computer to verify if they’re infected. For those that are infected, McGee said they’re restoring backups, though it’s going to be a long process.
The encryption virus blocked all county departments’ employees from accessing their systems, the county internet or emails. While attacking the content on each computer, the ransomware continued to simultaneously spread to other devices in the network. As of Wednesday over 140 county servers were taken offline as a result while IT staff checked each device individually.
Though they aren’t sure yet, McGee said it’s possible the virus was ransomware, planted intentionally with the goal of extorting money from the County to remove the virus. He said several people had reached out with demands, but they were vague and therefore authorities are unsure whether they should be taken seriously.
“They didn’t reference the actual virus or anything, so we don’t know that those weren’t just hoaxes,” McGee said.
The County’s announcement about the virus said they’re also working with other cybersecurity experts to restore services, including state and federal cyber security officials, as well as law enforcement. While there’s no current timeline, McGee said they’re hoping to get systems back within a few days.
