Delaware Pays $500,000 Ransom
Pennsylvania’s Delaware County is paying five hundred thousand dollars to extortionists who locked down its local government network following a cyber attack that disrupted its computer network.
Hackers succeeded in compromising systems containing sensitive information, including police reports and payroll.
The ransomware used is understood to be DoppelPaymer, a known virus that shares a large part of its code and functionalities with BitPaymer malware. DoppelPaymer ransomware is reported to have been used recently against the TV production company Endemol Shine Group and several other organisations.
“We commenced an immediate investigation that included taking certain systems offline and working with computer forensic specialists to determine the nature and scope of the event. We are working diligently to restore the functionality of our system... The investigation is ongoing and we are working with computer forensic specialists to understand the full nature and scope of the event and confirm accurate information before sharing the details. County employees have been notified and provided with information and instructions." the County said in a statement.
Hackers gained control of the network over the weekend of 20th November, encrypting files, including police reports, payroll, purchasing and other databases.
Sources said the county is in the process of paying the $500,000 demanded to release the encrypted data and that the has cyber insurance which will compensate for the ransom pay out.
Delaware County’s decision to pay up might well give the same attackers an extra incentive to attack public sector and healthcare organisations in the country over the coming months and Ransomware remains one of the most dangerous and persistent threats that local governments face.
Ransom attacks have been proliferating across the US public sector over the past year, most notably aginst the City of Atalanta, also New Orleans, as well as several other municipalities and institutions. Internationally, other significant victims have include the Johannesburg.
Local governments are often under pressured to pay ransom because of the impact on critical services like police and healthcare and so long as victims keep paying, ransomware groups will keep launching attacks..
Ransomware was the largest cause of cyber insurance claims in North America in the first half of 2020, accounting for over two-fifths (41%), although the growing take-up of cyber insurance policies runs the risk of encouraging cyber criminals, as it makes it more likely that victims will pay-up to regain access to networks quickly.
Delaware County: 6ABC: Infosecurity Magazine: 2-Spyware: Security Affairs:
You Might Also Read: