Fresh on the heels of a ransomware event in Riviera City, FL, Action News JAX has reported that Lake City, FL has been hit with a similar ransomware, and paid cyber criminals $460,000 to get their data back.
This rapidly increasing trend of local governments falling victim is creating a lot of alarm in the cyber-security community. As you might expect, local state and federal governments are charged with protecting lots of personal information. Often, cyber attacks are just used as a cover-up to destroy any evidence of data ex-filtration. See this tweet from Kyle Hanslovan, the CEO of our partner Huntress Labs:
Too many vendor incidents involve ransomware and the conclusion is always “no data was taken” 🧐 In many cases, attackers only drop #ransomware when it’s time to extract the last bit of value (all other objectives met). See Baltimore…https://t.co/zTHgWOhg6x
— Kyle Hanslovan (@KyleHanslovan) June 9, 2019
In incidents that we’ve investigated at Kirbside, we’ve also been able to find traces that data was removed or copied prior to ransomware being dropped onto the victim’s network. The time is now for local governments to partner with local technology allies to secure their data, and the data of their citizens. Ransomware in municipalities often impacts critical services like 911, financial agencies, and more. They can bring city government to a grinding halt as we’ve seen in other cities.
The ransomware threat is still very alive for small to mid-sized businesses as well. Just last week, approximately 8 technology providers we’re breached through the use of compromised credentials. This allowed the attacker(s) to disable all antivirus and systematically deploy ransomware to hundreds of covered computers and servers all at once.