BERLIN — For the second time this year, a North Country nonprofit organization based in the city has been hit by a ransomware attack.
Hackers struck the Androscoggin Valley Regional Refuse Disposal District this spring, with the district paying an undisclosed amount to get its computer files back, while on Monday hackers targeted Coos County Health Services, which operates two clinics in Berlin and one in Gorham.
According to its website, Coos County Family Health Services “has provided comprehensive office-based primary care services for more than 10 years,” including “diagnosis and treatment of acute and chronic illnesses, preventive services, screening, and health education …”
In a message posted at 2 a.m. Tuesday on its Facebook page, CCHS offered its “Apologies to our patients and colleagues,” explaining that “Our phone and computer systems have been affected by a ransomware attack. We are working to restore services as quickly as possible.”
“With a few exceptions, we will not be open to provide care for patients today (Tuesday) as we work to restore services. We will reach out to reschedule appointments as soon as possible. Again, thank you for your patience and support,” the message said.
In published accounts, Ken Gordon, who is CEO of County Family Health Services, said the attack affected the telephone, computer and e-mail systems.
In response to an email inquiry Thursday, Gordon said he could not comment on the matter because it was ongoing, but he noted that the organization never closed its facilities because of the ransomware attack.
“We have continued to provide services throughout the episode including testing and vaccination for COVID-19,” he said.
As of Thursday afternoon, Coos County Family Health Services on Facebook said all three clinics would be open Thursday and Friday “for walk-in appointments only.” Phone service “has been partially restored, and we continue our work to resume normal operations,” the message said, adding “Thanks to you all for your patience with us as we make our way through this difficult stretch of the pandemic.”
Asked about the ransomware attack at CCHS, Berlin Mayor Paul Grenier on Thursday said he wasn’t very familiar with it, but said the municipality has been steeling itself for such an attack.
“All of our files are done in duplicate and triplicate offsite,” said Grenier, but when asked whether the city’s preparation and the corrective measures that CCHS will presumably undertake would deter future attacks on them and other entities in the North Country, he was not optimistic.
“I doubt like hell,” he said, that those efforts will prevent future ransomware attacks. Grenier said he believes the attacks originate from outside the United State and are facilitated by the lax regulation of cryptocurrency, the means by which the hackers are usually paid by victims to retrieve stolen files.
Also the vice chairman of both the Coos County Commission and the Androscoggin Valley Regional Refuse Disposal District, Grenier said the ransomware attack upon CCHS “isn’t the first occurrence in the North Country.”
In April/May, hackers broke into the district’s computer system, seized its files and demanded payment, which was made, said Grenier, although he declined to get into the particulars.
He said the district was unable to use its computers for nearly a week.
Because that attack probably came from overseas, the FBI was immediately involved, said Grenier, who expects that the FBI will likewise take precedence in the investigation of what happened at CCHS.
“I have the full faith and confidence in all levels of law enforcement to get to the bottom of this (the ransomware attack at CCHS) but at the end of the day, as long as cryptocurrency is the trading mechanism of choice, it will be a massive problem,” said Grenier.
