|Qakbot virus crashes county computer network|
|Written by Greg Ruland|
|Friday, 22 April 2011 12:12|
A sophisticated computer virus that attacked Yavapai County Sheriff’s Office early morning April 19, then spread to computers in every department of county government, appeared to be under control Friday, April 22.
County computer technicians believed they had the virus under control numerous times in test environments during the past few days but quickly determined it was still present, Yavapai County Administrator Julie Ayers said.
“It’s been extremely challenging,” Ayers said. “We will be working throughout the weekend. We have our fingers crossed that we have a solution. It has been successful in the lab environment and we began to roll it out to departments [Friday] morning.”
“It’s a very sophisticated virus. It is very good at hiding itself. It has multiple ways of promulgating itself and hiding within the servers,” she said.
The Treasurer, Human Resources and Board of Supervisors offices were up and running on a limited basis Friday as technicians tried to determine whether the fix was successful, Ayers said.
The selection of departments to be cleared of the virus first was not based on priority, but proximity to technicians, she said.
Known as Qakbot, the virus probably made its way into the system through an email attachment sent to YCSO, despite up-to-date antivirus software, Ayers said.
The attack did not appear to be directed at Yavapai County specifically since government computer systems were simultaneously impacted in other areas of the nation, Ayers said.
“I don’t know how public others affected are being about it, but we are not alone,” Ayers said.
The virus is normally directed at financial institutions, she said.
County computer technicians were aware of the presence of the virus almost immediately as errors and glitches began showing up on screen in the YCSO and then elsewhere around the county.
The only county departments not affected by the virus are the Superior Court, Clerk of Court, and Juvenile Probation departments because those systems are separately tied into the state judicial system network, Ayers said.
Work performed by any county employee using computers between 6 and 7 a.m. April 19 was lost. The county’s computer system was shut down almost immediately after the virus was discovered, she said.
A ban on Internet use by county employees continued through Friday as the three department systems were operated in a test environment to determine whether the virus was still embedded.
Ayers said she was extremely proud of the way county departments found ways to work around the problem, although several employees whose jobs are limited to use of a computer were sent home on vacation.
“For example, the health department has gone back to charting medical records by hand, the same type of system they used 20 years ago,” Ayers said.
The county, which has crisis management plans for fires and floods, will devise a similar plan for computer system crashes to handle any similar situation that may arise in the future, Ayers said.