Rural Jackson County, Ga., recovering from ransomware attack

The attack knocked out all county email services and forced the sheriff's department to revert to recording arrests and jail bookings on paper.
Getty Images

Computer systems in rural Jackson County, Georgia, were knocked offline over the weekend after being hit with a ransomware virus. The entire county government’s email system is offline, and some departments, including law enforcement, have had to resort to conducting their operations entirely on paper.

“Everything we have is down,” Sheriff Janis Mangum said. “We are doing our bookings the way we used to do it before computers. We’re operating by paper in terms of reports and arrest bookings. We’ve continued to function. It’s just more difficult.”

The type of ransomware and the payment demanded were not disclosed.

Mangum told StateScoop the cyberattack, which county officials first disclosed to the public on Tuesday, was discovered over the weekend. County officials also posted a message on Facebook Wednesday morning telling residents the county’s email services had been disabled. At least one office — the Jackson County Board of Elections — created a temporary Gmail account as it conducts early voting in a special election for a seat on the local school board.


The sheriff said she has contacted the FBI about the ransomware attack. County manager Kevin Poe, who is overseeing the response to the incident, was unavailable for comment.

The cyberattack against Jackson County, with a population of about 64,000, raises memories of a more notorious ransomware incident last year, 60 miles away in Atlanta. That attack, which crippled city computer systems for months, is predicted to eventually cost the city as much as $17 million to recover from. It was also the most significant incident in a four-year string of attacks using the virus known as SamSam, which the United States alleges is the work of two Iranian citizens.

Small communities like Jackson County can be especially vulnerable to cyberattacks if they lack robust information technology departments. In the last 18 months, small county and city governments in Washington, Ohio, Alaska and North Carolina have dealt with ransomware attacks. At a National Association of Counties conference in Washington, D.C, on Tuesday, two IT directors from rural counties in Idaho and Washington said they often lean on their state chief information officers and information security officers for support on cybersecurity issues.

A spokeswoman for the Georgia Technology Authority, the state’s IT agency, said it is not involved in the response to the Jackson County attack.

Benjamin Freed

Written by Benjamin Freed

Benjamin Freed was the managing editor of StateScoop and EdScoop, covering cybersecurity issues affecting state and local governments across the country. He wrote extensively about ransomware, election security and the federal government’s role in assisting states and cities with information security.

Latest Podcasts