Sponsored content contributed by AOC Business Partner: Covenant Technology Solutions
By now, most of us have heard horror stories of local governments falling victim to cybercriminals — stories of ransomware, phishing attacks, and data breaches. It sounds awful, but for county leaders, this isn’t just background noise. It’s a direct concern. Why? Because you’re responsible for protecting community assets, including sensitive data and critical services.
County leaders in Curry County learned this the hard way. On April 26, 2023, this beautiful southern coastal county was struck by a ransomware attack. Once inside the network, attackers encrypted data, locking the county out of its digital systems. No files. No email. No voicemail. Real estate transactions halted. Police communications failed. Virtually every public service was paralyzed. Employees reverted to paper while IT systems were rebuilt from scratch.
As Curry County Commissioner Brad Alcorn described at the time, “It has impacted every function of this county and literally wiped away our digital footprint.” In an interview with Oregon Public Broadcasting a month after the initial attack (May 2023), Alcorn reported, “We are still not up and running and still struggling through this.” Click here to listen to the entire interview
The attackers demanded a ransom to restore access. However, in line with guidance from the State of Oregon and the FBI, the county did not pay. Instead, it began the costly, painstaking process of rebuilding. Restoring services took months and hundreds of thousands of dollars.
This incident underscores the real-world consequences of cyber threats and the urgent need for local government leaders to prioritize cybersecurity to protect essential community assets. Says Alcorn, “When I woke up on the morning of the 26th, I was focusing on our housing issues. I was focusing on our homeless issues and our funding issues. The last thing on my mind was a cybersecurity attack.” But now Alcorn cautions leaders, “Cybersecurity is expensive. But I have got to tell you, if you’re in charge of any type of government organization, you should really be investing in your cybersecurity infrastructure.”
The takeaway is clear: safeguarding digital infrastructure is no longer optional. It’s a fundamental responsibility. Protecting public trust and essential services starts with building cyber resilience — before disaster strikes.