Madison County, Indiana, population of about 130,000, was the victim of a ransomware attack last week. Government workers without working computers were thrown back into the past to pen and paper, confusion abounds, and county commissioners unanimously voted to pay the ransom.Indiana State Police Capt. Dave Bursten told WTHR, \u201cIt's like when I came on in the 80s - we're doing everything with pencil and paper.\u201d\u201cWe cannot query old information to bring up prior reports or prior court records,\u201d Madison County Sheriff Scott Mellinger told Fox59. \u201cIf we want to bring somebody\u2019s record up for something in the future, let\u2019s say for somebody that has been arrested or somebody who is even in jail then we cannot look up information that would help us at a hearing. On the sheriff\u2019s office side, we cannot book people into jail using the computers. We are using pencil and paper like the old days.\u201dIn one of many contradictory reports, sheriff\u2019s deputies were not using pen and paper but were \u201cusing laptops.\u201d And since they couldn\u2019t access police reports, they were \u201ccollecting information and creating documents in Microsoft Word.\u201d While that's not normal operating procedure, typing in Word is not quite the same thing as using pen and paper.County residents making special trips to the courthouse were reportedly ticked, turned away, or their information was jotted down on paper. Auditor employees took vacation or burned personal time off, since\u00a0\u201cwithout the computer system there could be no work done," auditor Jane Lyons told TheHeraldBulletin. "We have to access all our information on the computers.\u201dTwo of the Circuit Court divisions kept going, keeping track of court activities by hand, but one judge moved all of Monday\u2019s court hearings to another date.The ransomware was discovered \u201cSaturday\u201d at the county\u2019s Central Dispatch after the \u201ccomputer system started locking up.\u201d Indiana State Police Capt. Dave Bursten mentioned that 911 calls were being taken down by hand as opposed to being entered into a computer.Otherwise, there are conflicting reports about the details of the ransomware attack. For example, after the attack reportedly occurred on Friday, Nov. 4, locking the county out from accessing records, Fox59 asked Madison County IT Director Lisa Cannon how could this happen \u201cto an entire county\u2019s computer system?\u201d In return, \u201cCannon explained that the IT department took all the security measures they could have, but hackers found a way in.\u201dWouldn\u2019t taking all the security measures possible have included having offline backups, or at least some backups? Cannon told TheHeraldBulletin, \u201cWe\u2019re in the process of adding a backup system.\u201d Unfortunately, that\u2019s too little too late.Employee awareness might also need a bit of work, or perhaps it was simply sound advice when an Indiana State Police spokesman advised people that it is \u201ccritical to back up pictures, files, records - everything either in the cloud or a on a hard drive. Also, avoid clicking on any links you're not familiar with.\u201dCannon claimed, \u201cCounty officials are confident that no personal information from local residents was compromised.\u201d However, she also added, \u201cWe\u2019re checking to determine if any information was harvested through the attack.\u201dThere was no mention of the ransomware variant that hit the county. Several articles reference a specific quote on Fox59 that is no longer a part of the article. That missing quote was allegedly a statement by Madison County Sheriff Scott Mellinger: \u201cThere are so many unknowns here because even the investigators that had a lot of experience in this area are telling us they have not dealt with this specific virus before.\u201dUmm, that is doubtful but not impossible. However, now the article quotes Sheriff Mellinger as saying, \u201cThey are calling this a very significant event and that means whoever is behind it absolutely knows what they are doing and it is going to be extremely difficult for us to gain access of our servers on our own.\u201dAdditionally, there have been only vague references to the ransom amount demanded. WTHR claimed the ransom was \u201cthousands of dollars.\u201d Cannon refused to reveal the actual amount, but he told Fox59 that it was a \u201clarge sum.\u201d Yet Madison County Commissioner John Richwin claimed the ransom \u201cwas for an amount less than most county residents would have anticipated.\u201dAccording to StateScoop, during an emergency meeting on Saturday, county commissioners were told \u201cthey had seven days to pay the ransom. Commissioners unanimously agreed to pay the ransom.\u201dMadison County was covered by Travelers Insurance, which will reimburse a portion of the cost, less the county\u2019s deductible.Here\u2019s another head scratcher: TheIndyChannel reported, \u201cNo one has taken responsibility for the attack.\u201dHello? Read the ransom note. I'd be willing to guarantee the payment is going to someone as opposed to \u201cno one.\u201d Tracking down that someone may not be so easy. The Indiana State Police were continuing to investigate.Presumably the inconsistencies are a result of people being unfamiliar with ransomware and how it works. The IT director explained ransomware so non-security-minded individuals would grasp it: \u201cJust as you would have a ransom note you see on a drama on TV when someone is kidnapped, there is a ransom note and it is exactly that type of thing.\u201dAs for the county commissioners meeting and voting to pay the ransom on Saturday, did paying the ransom work? As of Monday, it was reported that Madison County was not expected to be up and running until today. StateScoop said earlier today that \u201cservices are still being brought online.\u201dThankfully voting in Madison County was not affected, as it was on a different system.