Cybercriminals demanding $500,000 after hacking Delaware County computer network: Sources

ByChad Pradelli and Cheryl Mettendorf WPVI logo
Thursday, November 26, 2020
Cybercriminals demanding $500,000 after hacking Delaware County computer network: Sources
Cybercriminals have attacked the Delaware County government network and taken it hostage. The criminals are demanding $500,000 to free it up.

Cybercriminals have attacked the Delaware County, Pennsylvania government network and taken it hostage. The criminals are demanding $500,000 to free it up.



Sources told Action News, the cybercriminals gained control of the network on Saturday encrypting files, including police reports, payroll, purchasing, and other databases. Prosecution evidence, however, has not been affected.



Sources said the county is in the process of paying the $500,000 ransom as it's insured for such attacks.



Ed McAndrews, a cybercrime attorney and a former federal prosecutor, said "ransomware" hacking is running rampant across the country.



Local governments and companies often hire law firms like his, DLA Piper, to negotiate with the hackers.



"The average ransom has gone from $30,000 to upward of $500,000 and that's the average," said McAndrews.



McAndrews said governments often must pay because time is of the essence and many hackers have a reputation of freeing databases after being paid in cryptocurrency like Bitcoin, which sources say the Delaware County hackers are demanding.



"You often ask for proof of life, that is you tell us, if you say you've stolen data, you show us some of the data you've stolen," said McAndrews.



Sources said the IP address for the Delaware County attack is tied to the Netherlands, but the criminals could be operating from anywhere in the world.



"These are professionals these are not your recreational criminals," said Phil Bianco the chief technology officer at IT security firm, Melillo Group.



He says if the hackers decrypt the county's files, the work is still not over.



"You need really secure your infrastructure, make sure you're not going to be hit again, you need to validate data that's been returned to you, to verify everything is there and in its entirety," he added.



Bianco said companies and governments need to train employees about how these attacks happen and come up with an incident response plan for any future attacks.

Copyright © 2024 WPVI-TV. All Rights Reserved.