BlackByte ransomware crew has claimed Augusta, Georgia, as its newest sufferer, following what the US city’s mayor has, thus far, solely referred to as a cyber “incident.”
In a Wednesday assertion in regards to the “network outage” posted on the city’s web site, Augusta Mayor Garnett Johnson mentioned the “technical difficulties” – which disrupted some of the city’s pc techniques – began on Sunday, May 21.
“We began an investigation and determined that we were the victim of unauthorized access to our system,” the assertion learn. “Our Information Technology Department is working diligently to investigate the incident, to confirm its impact on our systems, and to restore full functionality to our systems as soon as possible.”
The city can be investigating whether or not any information was stolen within the intrusion, and promised to “update you as more information becomes available.”
By Thursday, nonetheless, FOX54 reported that the incident was a ransomware intrusion and the extortion gang had demanded the city pay $50 million. Additionally, “several city officials” met with FBI brokers in regards to the cyber incident, in line with the information outlet.
When contacted by The Register, Augusta city officers had no remark, however mentioned the mayor’s workplace would launch a press release on Friday morning.
#BlackByte has listed the City of #Augusta. #ransomware 1/2 pic.twitter.com/ebkOVLpqr9
— Brett Callow (@BrettCallow) May 25, 2023
Meanwhile, BlackByte, a ransomware-as-a-service gang that has compromised no less than three important infrastructure sectors within the US – authorities services, monetary, and meals and agriculture – listed the city on its information leak web site and claimed to have stolen 10GB of “sensitive data,” in line with a screenshot posted by Emsisoft Threat Analyst Brett Callow.
To be clear, cybercriminals aren’t all the time essentially the most trustworthy of of us, and we do not advise taking them at their phrase.
In a separate ransomware an infection, after which the Cuba crew claimed to have stolen the Philadelphia Inquirer’s monetary paperwork and supply code, the newspaper’s writer yesterday mentioned there’s “no evidence to date” that the supposed information leak had something to do with the Inquirer.
- Could you not? BlackByte ransomware slinger twists the knife with information stealer
- Philly Inquirer says Cuba ransomware gang’s information leak claims are pretend information
- IT safety analyst admits hijacking cyber assault to pocket ransom funds
- Spotted: Suspected Russian malware designed to disrupt Euro, Asia power grids
Still, Augusta “has had a cyber incident, and a ransomware operation has claimed responsibility for that incident. So, yeah, it probably was a ransomware incident,” Callow advised The Register.
At least 33 native governments within the US have been hit by ransomware this yr, and no less than 20 of these have had information stolen, in line with Emsisoft’s stats.
If the BlackByte gang is telling the reality, then there is a good likelihood that Augusta will carry these numbers as much as 34 and 21.
BlackByte, which has been energetic since 2021, follows the identical playbook as many different extortion crime gangs, stealing information earlier than deploying malware to encrypt victims’ information. ®
…. to be continued
Read the Original Article
Copyright for syndicated content material belongs to the linked Source : The Register – https://go.theregister.com/feed/www.theregister.com/2023/05/26/blackbyte_augusta_malware/