News and HeadlinesWRTV Investigates


Shelby County government hit with cyber attack

County claims the bad actors were unable to access any of the county’s data
Posted at 3:41 PM, Mar 16, 2023
and last updated 2023-03-17 14:53:56-04

SHELBY COUNTY — Shelby County government experienced a cyber attack on March 2. However, the county claims the bad actors were unable to access any of the county’s data.

According to Shelby County Commissioner, Jason Abel, an overseas 3rd party attempted to access the county’s IT network by exploiting a vulnerability in a commercial software system.

“This access was detected and stopped by the Shelby County’s network administrator, who after restoring normal operations, began a review of the event and its potential impacts immediately,” said Abel in an email to WRTV.

Various county departments rely on the Shelby County IT network.

“So far, the investigation into the matter has not revealed sufficient evidence that would indicate the records were acquired by the unauthorized 3rd party,” said Abel.

Abel said the bad actors attempted to control a large amount of data at once.

“Given the limited time of access, the transfer speed of the network, the size of the data set in question, and the network traffic at the time of the incident, it appears it is unlikely that the data in question was transferred to an unauthorized 3rd party,” said Abel.

The county’s IT administrator has taken steps to restore operations to a normal state, using the data backups that are regularly made to protect the county from potential ransomware attacks, according to the county.

“Our IT administrator has also made changes to the network itself, including removing the vulnerability and installing software to better track attempts of unauthorized access to the network,” said Abel.

The cybercriminals did not contact Shelby County nor did they make any ransom demands.

“Out of an abundance of caution, and to better ensure state and federal officials were aware of any potential large-scale vulnerabilities, the county IT administrator and the Shelby County Sheriff’s Department both contacted state and federal offices tasked with monitoring cybersecurity matters,” said Abel.

WRTV has reached out to the Shelby County Sheriff and the FBI.

The sheriff directed questions to the commissioners.

The FBI does not confirm or deny investigations.

WRTV Investigates recently took concerns about cybersecurity and Indiana schools to the FBI to find out what they’re doing to stop the attacks.

PREVIOUS | Growing number of schools victims of cyberattacks

Herb Stapleton, Special Agent in Charge of the FBI’s Indianapolis field office, said the FBI can stop ransom payments from getting to criminals if they are notified quickly.

“Trying to go after the money, and then to target the actual infrastructure that these individuals use,” said Stapleton. “What we are trying to do from an investigative standpoint is go after the key services that create an environment in which ransomware can happen. That means targeting the people who are responsible for gaining access to these networks, that can mean targeting the funds or proceeds of this kind of illicit activity.”

But it’s not easy to find the cybercriminals and prosecute them.

“The money they get from that cyber breach goes right back into their illegal cyber business and can contribute to hiring and gaining access to bigger and broader and more impactful attacks along the way,” said Stapleton.

The FBI emphasizes anyone who uses the internet can become a target.

“It’s a crime of opportunity,” said Stapleton. “No business is too big and no school system is too small for this type of activity. It’s about volume and driving profit.”