Wood County Government fell victim to a ransomware attack on December 9, disrupting its computer networks and forcing critical operations into manual workarounds. While 911 services, fire/emergency responses, and public-facing offices remain operational, internal systems including the Wood County Sheriff’s Office Computer-Aided Dispatch (CAD), historical police records, and county administrative functions were severely impacted. Employees resorted to pen-and-paper processes, and some emergency response agencies tied to the sheriff’s system faced delays in digital record access. The attack triggered firewall breaches, halting further infiltration, but the extent of data compromise remains undisclosed due to an ongoing criminal investigation. Third-party cybersecurity forensics teams and law enforcement are involved, but no details on the ransom demand, affected data types (e.g., employee/citizen records), or long-term operational damage have been released. The county insists public services are uninterrupted, though internal inefficiencies persist, raising concerns about potential exposure of sensitive government or citizen data if the attack escalated beyond initial containment.
TPRM report: https://www.rankiteo.com/company/woodcountywigov
"id": "woo1194211102725",
"linkid": "woodcountywigov",
"type": "Ransomware",
"date": "12/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': 'Residents and businesses '
'relying on county services '
'(e.g., emergency response, '
'administrative offices)',
'industry': 'Public Administration',
'location': 'Wood County, Ohio, USA',
'name': 'Wood County Government',
'type': 'Local Government'},
{'customers_affected': 'Residents requiring 911 or '
'deputy services',
'industry': 'Public Safety',
'location': 'Wood County, Ohio, USA',
'name': 'Wood County Sheriff’s Office',
'type': 'Law Enforcement Agency'},
{'customers_affected': 'Residents and local businesses',
'industry': 'Public Safety',
'location': 'Bowling Green, Ohio, USA',
'name': 'Bowling Green Police Division',
'type': 'Law Enforcement Agency'},
{'customers_affected': 'None (systems reported as '
'secure)',
'industry': 'Public Administration',
'location': 'Bowling Green, Ohio, USA',
'name': 'Bowling Green City Government',
'type': 'Local Government'}],
'customer_advisories': ['Public advised that 911 and emergency services '
'remain operational',
'Residents informed that county offices are open with '
'workarounds in place',
'No disruption to public-facing services reported'],
'data_breach': {'data_encryption': 'Likely (ransomware typically encrypts '
'data, but specifics undisclosed)'},
'date_detected': '2023-12-09',
'date_publicly_disclosed': '2023-12-09',
'description': 'On December 9, the Wood County Information Technology '
'Department detected ransomware on the county government’s '
'computer network. The attack disrupted several county '
'systems, including those tied to emergency response agencies '
'like the Wood County Sheriff’s Office. While critical '
'services (e.g., 9-1-1, fire, and emergency resources) '
'remained operational, some departments resorted to manual '
'processes (e.g., pen and paper) due to system unavailability. '
'The city of Bowling Green, though connected to Wood County, '
'reported its systems remained secure due to proactive '
'isolation measures. The investigation is ongoing, with law '
'enforcement and third-party cybersecurity consultants '
'involved. Details such as the ransom amount, extent of data '
'compromise, and specific impacts remain undisclosed for '
'security reasons.',
'impact': {'brand_reputation_impact': 'Potential reputational risk due to '
'public awareness of the attack, though '
'services remain operational',
'downtime': 'Ongoing as of the last report (workarounds '
'implemented)',
'operational_impact': ['Manual processes (pen and paper) for some '
'departments',
'Limited access to historical data (e.g., '
'Bowling Green Police Division)',
'Dispatchers using legacy methods for '
'portions of their jobs'],
'systems_affected': ['Wood County governmental offices (general '
'systems)',
'Wood County Sheriff’s Office computer-aided '
'dispatch (CAD) system',
'Bowling Green Police Division (historical '
'data access)',
'Other county departments (unspecified)']},
'investigation_status': 'Ongoing (as of the last report)',
'ransomware': {'data_encryption': 'Yes (implied by ransomware attack)'},
'references': [{'source': 'BG Independent News'}],
'response': {'communication_strategy': ['Limited public disclosure due to '
'ongoing criminal investigation',
'Statements from Wood County '
'Prosecuting Attorney Paul Dobson and '
'IT Director Keith Kirby',
'Assurances to the public that '
'critical services (e.g., 911) remain '
'operational'],
'containment_measures': ['Firewalls tripped to halt infiltration',
'Isolation of Bowling Green’s systems '
'from Wood County'],
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'network_segmentation': 'Bowling Green severed connections with '
'Wood County to isolate its systems',
'recovery_measures': ['Collaboration with forensic investigators '
'to restore full services'],
'remediation_measures': ['Ongoing analysis and testing by IT and '
'cybersecurity teams',
'Workarounds implemented for affected '
'systems (e.g., manual processes)'],
'third_party_assistance': ['Nationally recognized cybersecurity '
'and data forensics consultants']},
'stakeholder_advisories': ['Assurances from Bowling Green IT Director Keith '
'Kirby that city systems are secure',
'Statements from Wood County Prosecuting Attorney '
'Paul Dobson on limited disclosure due to '
'investigation',
'Updates from Wood County Emergency Management '
'Agency Director Jeff Klein on operational '
'continuity'],
'title': 'Ransomware Attack on Wood County Government Systems',
'type': 'Ransomware Attack'}