Delaware Pays $500,000 Ransom

Uploaded on 2020-12-02 in TECHNOLOGY--Hackers, GOVERNMENT-Local, FREE TO VIEW

Pennsylvania’s Delaware County  is paying five hundred thousand dollars to extortionists who locked down its local government network following a cyber attack that  disrupted its computer network.

Hackers succeeded in compromising systems containing sensitive information, including police reports and payroll. 

The ransomware used is understood to be DoppelPaymer, a known virus that shares a large  part of its code and functionalities with BitPaymer malware. DoppelPaymer ransomware is reported to have been used recently against the TV production company Endemol Shine Group and several other organisations.

“We commenced an immediate investigation that included taking certain systems offline and working with computer forensic specialists to determine the nature and scope of the event. We are working diligently to restore the functionality of our system... The investigation is ongoing and we are working with computer forensic specialists to understand the full nature and scope of the event and confirm accurate information before sharing the details. County employees have been notified and provided with information and instructions." the County said in a statement.

Hackers  gained control of the network over the weekend of 20th November, encrypting files, including police reports, payroll, purchasing and other databases.

Sources said the county is in the process of paying the $500,000 demanded to release the encrypted data and that the has cyber insurance which will compensate for the ransom pay out.

Delaware County’s decision to pay up might well give the same attackers an extra incentive to attack public sector and healthcare organisations in the country over the coming months and Ransomware remains one of the most dangerous and persistent threats that local governments face.

Ransom attacks have been proliferating across the  US public sector over the past year, most notably aginst  the City of Atalanta, also New Orleans, as well as several other municipalities and institutions. Internationally, other significant victims have include the Johannesburg.

Local governments are often under pressured to pay ransom because of the impact on critical services like police and healthcare and so long as victims keep paying, ransomware groups will keep launching attacks.

Ransomware was the largest cause of cyber insurance claims in North America in the first half of 2020, accounting for over two-fifths (41%), although the growing take-up of cyber insurance policies runs the risk of encouraging cyber criminals, as it makes it more likely that victims will pay-up to regain access to networks quickly.

Delaware County:      6ABC:      Infosecurity Magazine:       2-Spyware:        Security Affairs:            

You Might Also Read: 

US Bombarded With Ransomware

 

« Britain Bans Huawei 5G
SSL Encryption For Big Data Security In Cloud Computing »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Chatham House Cyber Conference

Chatham House Cyber Conference

14 June 2023 - Connect with cyber security experts and senior policymakers to explore the role of cyber security in the global economy and how to deliver an open and secure internet.

4Secure

4Secure

4Secure is a cyber security company providing services and solutions to counter and respond to the most sophisticated and targeted cyber threats.

TenIntelligence

TenIntelligence

TenIntelligence provides due diligence, brand protection and fraud investigation services including digital forensics.

GlobalSign

GlobalSign

GlobalSign is an identity services company providing cloud-based, PKI solutions for enterprises needing to conduct safe commerce, communications, content delivery and community interactions.

PubNub

PubNub

PubNub enables developers to build secure realtime Mobile, Web, and IoT Apps.

Identity Automation

Identity Automation

Identity Automation is a leading provider of Identity and Access Management software.

Atonomi

Atonomi

Atonomi provides IoT developers and manufacturers with an embedded solution to secure devices with blockchain-based immutable identity and reputation tracking.

Startups.be

Startups.be

Startups.be helps tech entrepreneurs to be successful by providing quality access to service providers, business partners, customers and investors.

BotRx

BotRx

BotRx is the only AI-enabled, automated fraud protection technology that allows fast & easy deployment - continually keeping invisible bad bots and agents at bay, so you can rest easy.

AlertFusion

AlertFusion

AlertFusion is a platform that makes security operations more effective. It complements existing tools and technologies, unifies operations, enhances process maturity and drives efficiencies.

Microchip Technology

Microchip Technology

Microchip Technology Inc. is a leading provider of smart, connected and secure embedded control solutions.

Datenschutz Schmidt

Datenschutz Schmidt

Datenschutz Schmidt is a service provider with many years of experience, we support you in complying with numerous data protection guidelines, requirements and laws.

IoTeX

IoTeX

Building the connected world. IoTeX is a fast, secure, and decentralized platform that connects real world devices/data to the blockchain.

Charles IT

Charles IT

Charles IT is your friendly, no-nonsense IT team focused on helping companies make their technology work for them. We focus on building relationships that deliver results.

Securance Consulting

Securance Consulting

Since 2002, Securance has empowered enterprises to assume proactive security, compliance, and risk management strategies.

RiskSmart

RiskSmart

RiskSmart empower risk, compliance, and legal teams with a tech-led and data-driven platform designed to save time, reduce costs and add real value to businesses.

Bastion Networks

Bastion Networks

Bastion are a security-focussed managed solution provider and consultancy. We work with advanced cyber security vendors to produce managed security solutions to protect from online threats.