Illinois public health agency website taken down by hackers

The website for a local Illinois health agency was taken down by a cyberattack this week, creating difficulties in distributing accurate information on the coronavirus outbreak.

The Champaign-Urbana Public Health District announced on Facebook on Tuesday that their website was “down,” giving people in their district a phone number and email address to contact the agency for any coronavirus concerns.

On Thursday, the agency wrote in a separate Facebook post that it was still “working to get our website up and running.” The agency set up a new website to allow for access to information on coronavirus.

According to Mother Jones, the website was taken down by a ransomware attack and will likely be down for the next week or two. These attacks involve hackers accessing the system, encrypting it, and asking for money to give users access again, though often with no guarantee that users will get all their data back. 

Julie Pryde, the chief administrator of the health district, told Mother Jones that the cyberattack was “inconvenient,” but that the district had put in place a “robust continuity of action plan.” Pryde did not comment on what data was lost or what data was accessed by hackers.

The Champaign-Urbana Public Health District serves over 200,000 people, including students at the University of Illinois. The university announced Wednesday that it would move to online classes due to coronavirus concerns. 

Ransomware attacks have been increasingly rampant across the nation over the past year. The governments of almost two dozen small towns in Texas were hit by a coordinated ransomware attack in August, while the city governments of Baltimore, New Orleans, and Pensacola, Fla. were all brought to their knees for weeks in 2019 due to similar attacks. 

The Cybersecurity and Infrastructure Security Agency (CISA), the cyber arm of the Department of Homeland Security, recently warned of the potential for hackers to use fears around coronavirus to attack systems. 

“Malicious cyber actors could take advantage of public concern surrounding COVID-19 by conducting phishing attacks and disinformation campaigns,” CISA wrote in a recent alert. “Phishing attacks often use a combination of email and bogus websites to trick victims into revealing personal information.”

The cyber agency recommended that individuals avoid clicking on links in emails, and to not reveal sensitive information in response to suspicious emails.