Cyber Incident Victim: Henry County
Date: Jul 2019
Location: United States of America
Summary
A malware attack disrupted Henry County's computer systems, leaving networks offline for five days and rendering multiple departmental websites inaccessible, including those for state court, tax assessor, and board of commissioners. Public safety operations such as police and fire services remained unaffected by the incident. The disruption caused sustained operational impacts to critical government functions while emergency services maintained normal functionality.
Description
On July 13, 2019, Henry County, Georgia, experienced a disruptive malware attack that forced the shutdown of its computer networks. The malware infiltration impacted multiple county departments, rendering critical systems inoperable. By July 18, five days after the initial incident, the county’s networks remained offline as recovery efforts continued. Websites for the state court, tax assessor’s office, and board of commissioners were inaccessible during this period, disrupting public access to online services and information. The attack specifically targeted administrative and civil functions rather than emergency operations. Public safety systems, including police and fire department infrastructure, maintained normal operations throughout the incident. County officials did not publicly identify the malware variant or the initial attack vector.

The sustained network outage indicated a significant containment and remediation process, though no specific technical response measures were disclosed in available reports. Operational disruptions persisted for at least five consecutive days, suggesting substantial system compromise requiring extended downtime for mitigation. Initial reports mentioned no data theft or ransomware demands and focused instead on service interruptions from defensive network takedowns. The county prioritized isolating affected systems while maintaining essential emergency services. Restoration timelines remained undefined as of July 18, with no further public updates confirming full recovery. The incident demonstrated selective targeting of non-emergency government infrastructure with tangible operational consequences for civil administrative functions.
