At the moment, it appears the county did not have all security measures against such an attack in place. Hinds County Administrator Kenny Wayne Jones initially said Hinds County had done what it could to avoid a breach, but he later acknowledged the county was in the process of strengthening their security suite to prevent someone from hacking into the system.
“Well, we had our we had our basic malware. We had our ransomware. We had our firewall. We had everything we thought we were supposed to have. We will go increase some of that, because we felt like we were vulnerable to a threat of attack. So, we’ve been talking about that this year. It’s just that it came too soon before we could get to it,” Jones said.
Charlie Walter, assistant professor in Computer Science at Ole Miss, said hackers could have disrupted the system in a number of ways. They could have sent a phishing email to an employee, or they found a USB drive in the building.
“Any piece of software that has to interact with the internet or has to interact with specific people in any way can have a vulnerability that can be exploited by an attacker. You just need someone to download a file or someone to plug in a USB drive or someone to visit a website with a computer that can be infected. And then every file on that device can be encrypted kind of in the background without the user even knowing,” explained Walter.
He said the fact that Hinds County was trying to address the problem and recognized the threat is a good sign.
“Now, should they have started working towards a solution years ago? Of course. Can everyone start thinking about security as early as they need to? Unfortunately, that’s that’s not a realistic kind of scenario,” said Walter.
He said once the issue is resolved, a likely scenario to avoid a hack in the future will be an increase in security for Hinds County and local municipalities across the state.