Delaware Pays $500,000 Ransom

Uploaded on 2020-12-02 in TECHNOLOGY--Hackers, GOVERNMENT-Local, FREE TO VIEW

Pennsylvania’s Delaware County  is paying five hundred thousand dollars to extortionists who locked down its local government network following a cyber attack that  disrupted its computer network.

Hackers succeeded in compromising systems containing sensitive information, including police reports and payroll. 

The ransomware used is understood to be DoppelPaymer, a known virus that shares a large  part of its code and functionalities with BitPaymer malware. DoppelPaymer ransomware is reported to have been used recently against the TV production company Endemol Shine Group and several other organisations.

“We commenced an immediate investigation that included taking certain systems offline and working with computer forensic specialists to determine the nature and scope of the event. We are working diligently to restore the functionality of our system... The investigation is ongoing and we are working with computer forensic specialists to understand the full nature and scope of the event and confirm accurate information before sharing the details. County employees have been notified and provided with information and instructions." the County said in a statement.

Hackers  gained control of the network over the weekend of 20th November, encrypting files, including police reports, payroll, purchasing and other databases.

Sources said the county is in the process of paying the $500,000 demanded to release the encrypted data and that the has cyber insurance which will compensate for the ransom pay out.

Delaware County’s decision to pay up might well give the same attackers an extra incentive to attack public sector and healthcare organisations in the country over the coming months and Ransomware remains one of the most dangerous and persistent threats that local governments face.

Ransom attacks have been proliferating across the  US public sector over the past year, most notably aginst  the City of Atalanta, also New Orleans, as well as several other municipalities and institutions. Internationally, other significant victims have include the Johannesburg.

Local governments are often under pressured to pay ransom because of the impact on critical services like police and healthcare and so long as victims keep paying, ransomware groups will keep launching attacks.

Ransomware was the largest cause of cyber insurance claims in North America in the first half of 2020, accounting for over two-fifths (41%), although the growing take-up of cyber insurance policies runs the risk of encouraging cyber criminals, as it makes it more likely that victims will pay-up to regain access to networks quickly.

Delaware County:      6ABC:      Infosecurity Magazine:       2-Spyware:        Security Affairs:            

You Might Also Read: 

US Bombarded With Ransomware

 

« Britain Bans Huawei 5G
SSL Encryption For Big Data Security In Cloud Computing »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

RSA Conference

RSA Conference

RSA Conference conducts information security events around the globe that connect you to industry leaders and highly relevant information.

Sonatype

Sonatype

Sonatype protects the world's enterprise software from security, compliance, licensing risks, while reducing application development and deployment time.

Miller Group

Miller Group

Miller Group is an IT managed service provider. We proactively monitor and manage your entire business computer network. Services include backup & recovery and cyber security.

Redbud

Redbud

Redbud is a specialist search and recruitment firm for Information Security professionals.

National Information Security & Safety Authority (NISSA) - Libya

National Information Security & Safety Authority (NISSA) - Libya

NISSA is responsible for safeguarding the integrity, availability and resilienceof ICT infrastructure, resources, services and data in Libya.

Risk Ident

Risk Ident

RISK IDENT specializes in supporting enterprises in identifying and preventing criminal activity like payment fraud, account takeovers and identity theft.

Sovereign Intelligence

Sovereign Intelligence

Sovereign Intelligence provides automated insight into the relative intensity of hidden Cyber, Brand, and Financial Risks to your company.

Appgate

Appgate

Appgate is the secure access company. We empower how people work and connect by providing solutions purpose-built on Zero Trust security principles.

Kasm Technologies

Kasm Technologies

Kasm Browser Isolation - Protect your organization from malware, ransomware and phishing by using zero-trust containerized browsers.

1Kosmos

1Kosmos

1Kosmos provide Digital Identity and Passwordless Authentication for workforce and customers. Powered by advanced biometrics and blockchain technology.

Digital Identification & Authentication Council of Canada (DIACC)

Digital Identification & Authentication Council of Canada (DIACC)

DIACC is a non-profit coalition of public and private sector leaders committed to developing a Canadian framework for digital identification and authentication.

Porto Research, Technology & Innovation Center (PORTIC)

Porto Research, Technology & Innovation Center (PORTIC)

PORTIC brings together several research centers and groups from P.PORTO in a single space, forming a superstructure dedicated to research, technology transfer, innovation and entrepreneurship.

xMatters

xMatters

xMatters is a digital service availability platform that helps enterprises prevent, manage, and resolve IT incidents before they can become business problems.

Soteria

Soteria

Soteria is a global leader in the development, integration and implementation of advanced cyber security, intelligence and IT solutions, delivering complete end-to-end solutions.

Raxis

Raxis

Raxis is a cybersecurity company that hacks into computer networks and physical structures to perform penetration tests, assessing corporate vulnerability to real-world threats.

Eurotech

Eurotech

Eurotech provides Edge Computers and IoT solutions. We help to connect your assets and make them smarter through secure and agnostic hardware and software technologies.