SYCAMORE – DeKalb County government endured a fourth day without email server access Thursday because of a ransomware attack earlier this week, officials said.
DeKalb County Administrator Brian Gregory said during a County Board committee of the whole meeting this week there is “continued progress” being made in getting county government servers, including email, back up and running.
“So the deal is we’ve got such large amounts of data on these servers that it takes time to restore them all back,” Gregory said during the Wednesday meeting.
DeKalb County Sheriff Andy Sullivan said multiple sheriff’s dispatchers continue to work out of the DeKalb Police Department because of the sheriff’s office’s system being corrupted in the ransomware attack on Monday. That’s how the county still is able to dispatch and answer 911 emergency calls, he said.
“They can dispatch all of our stuff because we share the [computer-aided dispatch] and radio system,” Sullivan previously said.
Sheriff’s officials also confirmed the county jail’s booking logs continue to be kept manually, although the electronic mugshot database is not working as of Thursday afternoon.
The county’s servers have been inaccessible with limited functionality “throughout county operations” since a Monday ransomware attack, county officials said in a Tuesday news release. Gregory confirmed Thursday it still does not appear that any county files have been compromised.
DeKalb County government offices were closed Monday because of the Columbus Day and Indigenous People’s Day holiday.
Government agencies have been subjected to ransomware attacks both in Illinois and nationally in recent months. Earlier this spring, Illinois Attorney General Kwame Raoul’s office announced the state agency had been subjected to a ransomware attack. The Chicago Tribune reported in July that the attorney general’s office spent more than $2.5 million handling the crisis.
According to a Wednesday email from the online notification regarding Illinois Department of Corrections and DeKalb County Sheriff’s Office inmates, the system “is not currently receiving status information from this agency.” For current status information on offenders, victims can call the DeKalb County Sheriff’s Office at 815-895-4177.
Sullivan and Gregory confirmed an investigation regarding the attack is ongoing with the sheriff’s office and county law enforcement officials are working with the FBI’s Chicago office.
County officials did not initially cite the source of the ransomware attack or security lapse in the Tuesday news release. Gregory previously said the source “is unknown at this point” and “it is an active investigation.”
The county’s information management office continues to work to restore the servers using back-up data, officials wrote in the release. Gregory confirmed Thursday email access remains unavailable countywide.
DeKalb County Board Chairman John Frieders said during the Wednesday meeting the county’s finance department and payroll also was affected by the attack. He said he appreciated county officials and staff “doing their part” to get the county’s servers back up.
“They have really dug in and have provided a lot of hard work to keep the county staff up and running,” Frieders said. “In these last few days, the [information technology] staff has been ... literally working 24 hours a day.”