LINCOLN COUNTY, N.C. — It's deja vu for Lincoln County officials after they experienced their second ransomware attack in as many weeks.
"This isn't an attack," an officer said. "This is a relentless non-stop method of attack."
The first attack happened on July 26. Authorities said hackers held hostage the sheriff's office's computers and website.
The second strike took place Tuesday night and crippled Lincoln County Communications. At this point, Lincoln County is not aware of any ransom requests made by the hacker.
"It just shows us that we need to be careful and that we need to be sure our systems are secure as possible," said Governor Roy Cooper.
Lincoln County staffers like Ronnie Rombs said the county's working with the FBI and the North Carolina National Guard's IT disaster relief team to investigate and recover from these attacks.
Sheriff Bill Beam said they've been rebuilding all of their servers in stages.
"We're going to be really busy probably over the next six months on a catch-up. all the information is there. We just don't have the ability to access it at a moment's notice," he said.
They have to resort to the old-fashioned way, pulling out and leafing through paper documents, which slows things down.
All of their new servers will be offsite in the cloud, making their systems safer. The sheriff's office already spent $200,000 to upgrade equipment.
The 911 center can still take calls.
In recent weeks, systems in Concord and Anson County were under siege. Experts said becoming a victim is as easy a bad mouse click on a pop-up window, email or web link.
In late 2017, that's exactly what opened the door for cybercriminals zeroing in on Mecklenburg County's servers. A county employee opened a corrupt email.
That ransomware attack shut down 48 servers. The culprits carrying out the digital heist demanded $23,000 ransom for access to the files.
"This situation will be resolved in days and not hours," said a Mecklenburg County official.
Mecklenburg County refused to pay but eventually regained control.
"I can't overemphasize the scale of the criminal enterprise here," said a cybercriminal expert. "They're dedicated to stealing our stuff, stealing our data."