A ransomware attack kept Adams County, Mississippi, offices from doing online business for more than a week, disrupting records access and noncash payments.
A public alert posted by the City of Natchez on April 20 said all Adams County offices were experiencing a countywide internet outage affecting multiple offices and services. City services were not believed to be affected.
County officials later told The Natchez Democrat that the outage began Friday, April 17, with a server crash later identified as ransomware. Supervisor Kevin Wilson said the FBI confirmed an attack and was investigating, but county officials had not received a ransom note.
The county has not publicly identified a ransomware group, and no public claim by a group could be found. Adams County did not respond to an emailed request for comment about the scope of the outage, whether any data was taken or when all services would be restored.
The disruption locked county workers out of “almost everything,” Wilson told the newspaper. Employees could not access digital civil and circuit records, and county offices could accept only cash payments for car tags or public records.
The Adams County Sheriff’s Office was not affected because it uses servers separate from the rest of county government, Sheriff Travis Patten told The Natchez Democrat.
Chip in once
If this reporting helped you, a one-time tip helps cover hosting, tools and future investigations.
Support us monthly
A small monthly pledge keeps independent coverage and our reader tools online for everyone.
The Board of Supervisors approved emergency IT work for Flowood-based Netlink to overhaul the county network, update computers to Windows 11, replace machines that cannot support the upgrade and provide around-the-clock cybersecurity monitoring. The work was estimated at about $227,000, with another $35,000 expected for data recovery.
County IT Director Devonte Demby told supervisors the attacker appeared to enter through a sanitation department computer running Windows 7, which he described as obsolete and vulnerable. Demby said the county did not have cybersecurity insurance.
Adams County is based in Natchez on the Mississippi River and had 29,538 residents in the 2020 census.
The county had previously considered cybersecurity upgrades. In March, supervisors approved a no-cost cybersecurity assessment involving Applied Technology Group, Homeland Security partners and county IT staff, according to a Citizen Portal summary of the meeting.
The Adams County case joins other recent Mississippi cyber disruptions that have drawn ransomware scrutiny. The Medusa ransomware group claimed responsibility for the February ransomware attack on the University of Mississippi Medical Center, which disrupted clinics statewide. The same group also claimed responsibility for a March attack on Belhaven University in Jackson. Neither organization has publicly confirmed Medusa’s claim.
Officials said Wednesday they expected Adams County systems to be back online Thursday, but the county has not publicly confirmed full recovery.
