State agencies across the U.S. continue to face disruptions from ransomware attacks. On Tuesday evening, the government of Gilmer County in Georgia posted a notice on its website warning that a ransomware attack was affecting its ability to provide services to its more than 30,000 residents. “Gilmer County recently detected and responded to a ransomware incident and has taken affected systems offline while we work to secure and restore services safely. In the meantime, the public should expect delays from the County as a result,” the notice said. “We are actively monitoring the situation and sending updated information as it becomes available.” Edwina Daman, County Clerk for the Gilmer County Board of Commissioners, told Recorded Future News that they alerted federal law enforcement and have hired a cybersecurity firm to resolve the outages caused by the attack. The official did not respond to requests for comment about whether the attackers have identified themselves or if a ransom will be paid. But Daman said the county has taken its network offline, meaning many systems remain down as they develop plans to continue providing services securely to the public. “However, all of our essential services including 911 continue to operate. The safety and security of our residents and our employees remains our top priority. We are working around the clock through this cyber incident and ask for your patience as we implement business continuity measures,” Daman added. Like other large states, Georgia continues to deal with relentless attacks on its county government offices. Fulton County, the most populous county in the state and home to Atlanta, is still in the process of restoring critical services following an attack by the LockBit ransomware gang in January. Government offices in Augusta, Forsyth, and Hall have all dealt with ransomware attacks in recent years, hampering critical services while exposing citizen data on the dark web. Tarrant County in Texas — home to Fort Worth — also announced that it is dealing with its own incident affecting the office that determines property values for tax purposes. The Tarrant Appraisal District is used widely by both property owners and real estate agents in the county — which has a population of more than 2.1 million people. The organization released a statement saying that on March 21, it experienced a network disruption that forced them to take services offline. “Unfortunately, some of our systems and data have been rendered temporarily inaccessible. Please know that our team is working diligently to restore our systems and data in the safest and most secure manner possible,” officials said. In a follow up statement, the government confirmed that it was dealing with a ransomware attack. Both the FBI and Texas Department of Information Resources have been informed of the incident and are investigating it. They’ve hired experts to help them restore operations and as of Wednesday, phone and internet services at Tarrant Appraisal District offices are still down. Tarrant Appraisal District did not respond to request for an update on the situation. The organization recently released a post-mortem on a similar attack in 2022 that exposed data and left its website services unavailable during multiple periods in 2022 and 2023. Most of Tarrant county is occupied by Fort Worth — which dealt with multiple cybersecurity incidents last year. The first three months of 2024 have seen dozens of attacks on state and local governments across the U.S., with more than 25 ransomware incidents being publicly confirmed so far and multiple other hacks reported. On Wednesday, the Southern Nevada Health District added its name to the list, warning residents that hackers were able to steal information by inserting malicious code into a payment website. Fort Worth residents facing another cyberattack
Get more insights with the
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Jonathan Greig
is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.