"I am confident that our backup data is secure and we have the resources to fix this situation ourselves", County Manager Dena Diorio said in a statement on the county's website. "It will take time, but with patience and hard work, all of our systems will be back up and running as soon as possible".
Third-party experts retained by the county believe the ransomware is "a new strain" known as "LockCrypt", and "very little is known about it", the county manager said.
The county faced the dilemma of paying the ransom or reconstructing the system using the backup data. "And there was no guarantee that paying the criminals was a sure fix", Diorio said in a statement.
Updated 4:03 p.m.
Authorities in a North Carolina county say its servers have been hacked and are being held for ransom.
It is still not clear whether the county will pay the ransom. This included county email, printers and copy machines.
"Based on its attributes, it looks like the criminals are from either Iran or the Ukraine", Diorio said during the press conference.
Thursday, they will release a list of services that won't be available to the public because of the hack.
For now, the county is asking people who have business with the county to check with departments by phone.
During a speaking engagement at Charlotte's Kennedy Middle School, Governor Roy Cooper said the county did the right thing by not paying the ransom.
County courts announced they were affected by the outage, as the disruption interfered with jury service. DSS is asking people with reservations to call the customer service line (704-336-4547) to confirm their reservations, through December 11. The local tax office is also struggling to process payments. Sheriff Irwin Carmichael said it's taking longer to manually process arrestees, as well as inmates due to be released. It also contained an email address and instructions on how to pay the ransom. Officials are working with a consultant to come up with a plan.
The county of more than 1 million residents includes North Carolina's largest city, Charlotte, though that municipality appears not to have been directly affected by the hack. Credit card information is not saved on servers. "So while they've frozen the servers, they've not compromised the data and not stolen data, as far as we know at this point", Diorio said Tuesday.
Such attacks are becoming more common - and more sophisticated.