Connect with us


Fresno COG Recovers from 'Catastrophic' Cyber Attack



Share with friends

Cyber hackers, believed to be from Russia, encrypted thousands of files from the Fresno Council of Governments, demanding an $8,000 ransom. The public agency declined to pay and lost access to the files.

Listen to this article:

Fresno COG called it a “catastrophic loss of data to the agency.”
The agency’s members are the 15 incorporated cities of Fresno County, as well as the county itself. Fresno COG mainly deals with transportation and land-use issues.
The incident happened during a weekend data backup in September. According to a staff report presented at a board meeting to discuss the issue, “a multitude of plans, reports, studies, memos, correspondence, and particularly public outreach-related files, were encrypted in the attack beyond staff’s ability to retrieve it.”
However, other files such as finances, modeling, and mapping were “largely unaffected.” According to deputy director Robert Phipps, those files were not connected to the internet. No personal data was stolen or lost.

Threatening email sent by hackers to Fresno COG (Image: Fresno COG)

A Targeted Attack

“(The hackers) were simply interested in freezing everything up so that we would pay a ransom to get it back, to have it decrypted.” — Fresno COG Deputy Director Robert Phipps
“It occurred just at the moment that we were backing up our system over the weekend,” Phipps said.
Phipps said they discovered the attack the following Monday when staff returned to work. The hackers posted a screenshot on the server and sent an email demanding $8,000 in bitcoin to unlock the files.
He said the hackers were monitoring Fresno COG’s system and knew the best time to attack. He also said that the attack wasn’t the result of an employee clicking on a phishing scam link.
The attack, which penetrated the network’s security system, locked down Fresno COG’s computers.
“(The hackers) were simply interested in freezing everything up so that we would pay a ransom to get it back, to have it decrypted,” Phipps said.
Fresno COG immediately reported the incident to the FBI and Secret Service. It is believed to be the Phobos virus. Phipps said Russians are likely behind the attack.
The FBI and Secret Service didn’t respond to a request for comment from GV Wire.
Fortunately, for Fresno COG, much of the lost data was already stored on its website or the information was retrieved from old emails.

Image of the locked screen after a cyber attack against Fresno COG (Image: Fresno COG)

Decision Not to Pay

The decision not to pay the ransom came from Fresno COG director Tony Boren.
“(The decision) was in corroboration with law enforcement, because we did consider paying it,” Phipps said of the process. “We knew that it was going to cost us a lot more.”
Phipps noted in other cases of cyber attacks, hackers would unlock the files, only to lock them again. Or, the hackers would never unlock the data despite being paid.
“So, hopefully over time, we’ll have enough local jurisdictions that realize that it’s not going to profit them ultimately to pay these terrorists. We can only hope that it goes on the decline,” Phipps said.

Public Agencies Vulnerable

Earlier this year, “60 Minutes” investigated cyber attacks on government computers from jurisdictions of all sizes, from the big city to the small town.
“This was certainly not a unique experience,” Phipps said.
In response to the attack, the policy board voted Wednesday to purchase security software from for $124,000. A staff report described it as “similar to that of a completely new IT system.”
The city of Fresno provided internet services through a contract to Fresno COG prior to the attack. They cut service once the attack happened. Fresno COG has utilized Comcast since then.
The city was not affected by the attack.

Curiosity drives David Taub. The award-winning journalist might be shy, but feels mighty with a recorder in his hand. He doesn't see it his job to "hold public officials accountable," but does see it to provide readers (and voters) the information needed to make intelligent choices. Taub has been honored with several writing awards from the California News Publishers Association. He's just happy to have his stories read. Joining GV Wire in 2016, Taub covers politics, government and elections, mainly in the Fresno/Clovis area. He also writes columns about local eateries (Appetite for Fresno), pro wrestling (Off the Bottom Rope), and media (Media Man). Prior to joining the online news source, Taub worked as a radio producer for KMJ and PowerTalk 96.7 in Fresno. He also worked as an assignment editor for KCOY-TV in Santa Maria, California, and KSEE-TV in Fresno. He has also worked behind the scenes for several sports broadcasts, including the NCAA basketball tournament, and the Super Bowl. When not spending time with his family, Taub loves to officially score Fresno Grizzlies games. Growing up in the San Francisco Bay Area, Taub is a die-hard Giants and 49ers fan. He graduated from the University of Michigan with dual degrees in communications and political science. Go Blue! You can contact David at 559-492-4037 or at Send an Email