San Bernardino Sheriff's Office Goes Back to Radios After Ransomware Attack

The San Bernardino County Sheriff's Department was recently hit with a cyberattack that forced deputies to go back to radios to check license plates or get background information on a suspect.

Headquartered in San Bernardino city, the department polices the unincorporated areas of the county and offers contract law enforcement to 14 of the county's cities. The department also operates the county jail system, provides marshal services for superior courts, and has many other specialized divisions.

Around two weeks ago, an unsuspecting deputy clicked on a tainted link, infecting the department’s IT network with data -crippling malware.

Mara Rodriguez, the department’s public information officer, told Recorded Future News that it all started as a network disruption on April 7 and later confirmed that it involved malware.

Sources close to Eyewitness News said the malware suddenly encrypted many of the department's systems, suggesting a typical ransomware attack.

The incident forced the office to shut down most of its systems, including email and the computers used by officers in their cars.

The department was able to decrypt and recover the impacted data, but it is still grappling with the effects weeks after the incident. For example, the new protocols have forced deputies to radio dispatch to run license plates or get information on a suspect's background.

“Public safety operations have not been affected,” the department said in a statement. “Deputies are able to run backgrounds on people and are still getting dispatched to calls.”

The county is now conducting a forensics investigation to better understand the impact.