DICKSON, Tenn., Nov. 13 (UPI) -- A Tennessee sheriff's department said it paid more than $500 ransom to release files locked away by malicious software accidentally downloaded into the system.
Detective Jeff McCliss, IT director for the Dickson County Sheriff's Office, said the "Cryptowall" program was installed into the department's computer system in late October when someone streaming local radio station WDKN accidentally clicked on a rotating ad that had been infected with the malware.
McCliss and Sheriff Jeff Bledsoe said Cryptowall put a lock on the department's case folder and demanded $572 worth of anonymous online currency Bitcoins to unlock the files.
"Every sort of document that you could develop in an investigation was in that folder. There was a total of 72,000 files," McCliss told WTVF-TV.
McCliss said he consulted with experts including those affiliated with the FBI and the military, but the consensus was the only way to unlock the files was to pay.
The payment was made to a person identified only as "Nimrod Gruber."
"Although a substantial portion of the data encrypted on the report management server was able to be restored from backups, there were still approximately 72,000 files affected on the host computer, which introduced the malware to the network and the report management system and the attached drives," Bledsoe told the Dickson Herald.
Luke Vincent, information technology director for the town of Durham, N.H., said police in his town were targeted by a similar "ransomware" scheme, but officials decided not to pay. He said the affected files were "administrative" rather than "critical."
"We knew we were never going to pay that ransom," Vincent said. "We were able to restore all the files...so there was never a thought of paying the ransom in that case."
However, he said the town did end up spending about $3,000 to a contractor to help with "cleanup" following the breach.