Cyber Incident Victim: Chenango County
Date: Oct 2020
Location: United States of America
Summary
A county government experienced a ransomware attack that disrupted its computer network, leaving employees unable to access systems. Attackers demanded $450 per compromised device to restore control, but the organization refused to pay because it had backups available. The IT director confirmed the incident occurred over a weekend, and restoration efforts were prioritized using backup data to recover operations without negotiating with the hackers.
Description
On or around October 17-18, 2020, Chenango County, New York, experienced a disruptive cyberattack that rendered its computer network inaccessible to employees. The incident was detected when county staff returned to work and found themselves locked out of critical systems. County Director of Information and Technology Herman Ericksen publicly confirmed the attack to local media outlet WBNG on October 22, characterizing it as a ransomware incident. Attackers encrypted the county's network infrastructure, preventing normal operations across administrative functions. The perpetrators demanded a ransom payment of $450 per affected computer in exchange for decryption keys. This demand structure represented an unusually low per-device ransom compared to typical ransomware campaigns observed during that period. The attack forced county employees to implement manual workarounds and alternative processes to maintain essential services during the outage. No specific departmental impacts or data compromise details were disclosed in public reporting.

Chenango County officials immediately refused to negotiate with the attackers or pay any portion of the demanded ransom. The decision stemmed from the county's maintained backup systems, which provided a restoration path without capitulating to extortion demands. IT personnel initiated recovery procedures using these backups to rebuild compromised systems and restore network functionality. The restoration process required methodical validation to ensure data integrity across county operations. While the exact timeline for full recovery wasn't disclosed, the availability of backups significantly reduced potential operational downtime. The incident demonstrated the county's adherence to fundamental cybersecurity preparedness through maintained backups, despite vulnerabilities that permitted the initial network compromise. No secondary threats like data exfiltration or subsequent attacks were reported in connection with this ransomware event.
