FILE – In this July 23, 2004, file photo, Martha and Bela Karolyi watch together as the U.S. womens gymnastic team celebrates winning the gold medal at the Centennial Summer Olympic Games in Atlanta. Victims of disgraced sports doctor Larry Nassar are imploring Texas authorities to investigate whether Bela and Martha Karolyi could have done more to prevent Nassar’s sexual abuse at the couple’s Texas training center. Five former gymnasts, including two who say Nassar abused them at the Karolyis’ ranch near Huntsville, addressed reporters Thursday, May 10, 2018, outside state Attorney General Ken Paxton’s office. (AP Photo/Amy Sancetta, File)
RIVERSIDE — UPDATE @ 6:40 p.m.
U.S. Secret Service agents are investigating the attack on Riverside’s computer server, according to state and federal officials familiar with the matter.
Because the federal agency is tasked with and experienced in defending U.S. financial institutions from cyber attacks, the Secret Service often assists local governments facing similar attacks.
“As a matter of policy, the Secret Service does not discuss active criminal investigations,” said Kevin Dye, resident agent-in-charge for the U.S. Secret Service in Dayton.
A spokeswoman for Auditor Dave Yost referred all questions about the investigation to the Secret Service.
Another computer virus hit the city of Riverside’s police and fire servers last week and erased certain files, the city manager said today.
The attack — the second to hit the city in several weeks — was less damaging than a still-unsolved attack last month that rendered about 10 months of police records inaccessible to police officials, City Manager Mark Carpenter said.
Riverside officials have not determined what exactly happened during the attacks, Carpenter said. City officials plan to meet May 15 with the city’s third-party information technology company to discuss the problem.
“We’re still trying to get to the bottom of how the attack was initiated,” Carpenter said.
Carpenter said the term “ransomware” was used to describe the attack. The term implies that a third-party held, or is holding, the city’s data hostage in exchange for a ransom, often paid in bitcoin or other cryptocurrency. But Carpenter said the city has not paid such a ransom, and he wasn’t aware if such a ransom was demanded.
The recent virus attacked the city’s server Friday afternoon and erased about eight hours worth of data, Carpenter said.
“Everything was backed-up, but we lost about eight hours worth of information we have to re-enter,” he said. “It was our police and fire records, so we just re-enter the reports.”
Carpenter said the attacks have not hindered criminal investigations or prosecutions, because many of the documents made inaccessible in the first attack “are copied and are with the court system, so there are hard copies out there.”
Police and fire reports often contain a host of personal data about individuals — victims, suspects, witnesses and police officers themselves. Reports can include Social Security numbers, birth dates, addresses, insurance policy numbers, medical information and other data. Some data are routinely available to the public, but other data are withheld under public records law exemptions.
The city has not said if any confidential investigatory data are compromised by the attack, but Carpenter said, “people’s personal information, as we understand it, has not been disseminated to any hackers.”
Riverside faces these computer problems as cities and organizations across the U.S. and globe, including the city of Atlanta, have faced crippling computer viruses costing millions of dollars in repairs and untold hours of labor.
In Clark County, Mad River Twp. Fire and EMS data were hacked and encrypted with ransomware in December.
Atlanta’s municipal government faced a ransomware attack in March. An attacker demanded a $50,000 ransom to restore the city’s systems. The city ended up shelling out nearly $2.7 million on eight emergency contracts in an attempt to fix the problem.
Three federal agencies — the FBI, the Department of Homeland Security and Secret Service — assisted Atlanta during its attack.
Carpenter said he didn’t think Riverside has asked for similar help. He said Ohio Auditor Dave Yost’s office provided some assistance, but did not specify how the state office helped. Yost’s office did not immediately respond to a request for comment.
For years, the FBI has warned that the use of ransomware — malicious software that threatens to block access to data or to publish it unless the infected organization pays a ransom — is a fast-growing criminal enterprise.
Organizations often don’t learn they have been infected until they can’t access their data or until computer messages appear demanding a ransom payment in exchange for a decryption key, according to the FBI’s website.
Read more coverage:
» Pike County murders: 8 deaths, 2 years, no answers
The Atlanta-Journal Constitution and WSB-TV contributed reporting from Atlanta.
Former youth soccer club president, coach jailed on sex charge