Farmington recovering after ransomware attack
These simple steps will help keep your computer from becoming the next ransomware target. USA TODAY
FARMINGTON — The city of Farmington is returning to normal after a variant of the ransomware known as SamSam shut down the computer systems.
The virus encrypts files on a computer network or locks down the entire system. When people attempt to log on, they receive a message informing them that the files have been hijacked and they will have to pay to get them back.
City Manager Rob Mayes said via text message that the FBI advised the city not to pay the 3 bitcoin — worth more than $35,000 — ransom that was demanded. Mayes said the city was able to recover the encrypted information without paying ransom.
Many of the business operations computers were encrypted on Jan. 3 by a variance of the SamSam ransomware.
According to a press release from the city, no customer or employee personal information was extracted and the public administration system was not affected. The ransomware also did not breach any electric utility operations systems and there was not an interruption of public safety services. The city email systems were not affected by the virus.
While some services including electronic bill pay and records processing were shut down, nearly all of the business systems that are related to customer service operations have been restored, according to the press release.
The city and the FBI are continuing to investigate the cause and originating location of the ransom ware, according to the press release.
Farmington has contracted with outside resources to review security protocols, according to the press release.
According to the press release, ransomware attacks are occurring daily worldwide. In 2016, the FBI's Internet Crime Complaint Center received 2,673 ransomware complaints that resulted in $2.4 million of losses.
Ransomware should be reported to the FBI. Forms are available from the Internet Crime Complaint Center at www.IC3.gov.
Hannah Grover covers government for The Daily Times. She can be reached at 505-564-4652 or via email at email@example.com.