Delaware Pays $500,000 Ransom

Pennsylvania’s Delaware County  is paying five hundred thousand dollars to extortionists who locked down its local government network following a cyber attack that  disrupted its computer network.

Hackers succeeded in compromising systems containing sensitive information, including police reports and payroll. 

The ransomware used is understood to be DoppelPaymer, a known virus that shares a large  part of its code and functionalities with BitPaymer malware. DoppelPaymer ransomware is reported to have been used recently against the TV production company Endemol Shine Group and several other organisations.

“We commenced an immediate investigation that included taking certain systems offline and working with computer forensic specialists to determine the nature and scope of the event. We are working diligently to restore the functionality of our system... The investigation is ongoing and we are working with computer forensic specialists to understand the full nature and scope of the event and confirm accurate information before sharing the details. County employees have been notified and provided with information and instructions." the County said in a statement.

Hackers  gained control of the network over the weekend of 20th November, encrypting files, including police reports, payroll, purchasing and other databases.

Sources said the county is in the process of paying the $500,000 demanded to release the encrypted data and that the has cyber insurance which will compensate for the ransom pay out.

Delaware County’s decision to pay up might well give the same attackers an extra incentive to attack public sector and healthcare organisations in the country over the coming months and Ransomware remains one of the most dangerous and persistent threats that local governments face.

Ransom attacks have been proliferating across the  US public sector over the past year, most notably aginst  the City of Atalanta, also New Orleans, as well as several other municipalities and institutions. Internationally, other significant victims have include the Johannesburg.

Local governments are often under pressured to pay ransom because of the impact on critical services like police and healthcare and so long as victims keep paying, ransomware groups will keep launching attacks.

Ransomware was the largest cause of cyber insurance claims in North America in the first half of 2020, accounting for over two-fifths (41%), although the growing take-up of cyber insurance policies runs the risk of encouraging cyber criminals, as it makes it more likely that victims will pay-up to regain access to networks quickly.

Delaware County:      6ABC:      Infosecurity Magazine:       2-Spyware:        Security Affairs:            

You Might Also Read: 

US Bombarded With Ransomware

 

« Britain Bans Huawei 5G
SSL Encryption For Big Data Security In Cloud Computing »

Quartz Conference
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyberlytic

Cyberlytic

Cyberlytic applies artificial intelligence to combat the most sophisticated of web application threats, addressing the growing problem of high volumes of threat data.

Ciklum

Ciklum

Ciklum provide specialist software QA and testing services including Security QA and Performance QA, QA Automation and Manual QA.

JLT Specialty

JLT Specialty

JLT Specialty is a leading specialist insurance broker. Services offered include Cyber Risks insurance.

Information Network Security Agency (INSA)

Information Network Security Agency (INSA)

INSA's vision is to realize a globally competent National Cyber capability which plays a key role in protecting the national interests of Ethiopia.

Opaq Networks

Opaq Networks

OPĀQ Networks’ groundbreaking network security-as-a-service empowers organizations with the easiest way to tighten security control and improve business agility.

GuardKnox

GuardKnox

GuardKnox protects the users of connected vehicles against threats that can endanger their physical safety and the safety of their personal information.

United Security Providers

United Security Providers

United Security Providers is a leading specialist in information security, protecting IT infrastructures and applications for companies with high demands on security.

Templar Executives

Templar Executives

Templar Executives is a leading, expert and dynamic Cyber Security company trusted by Governments and multi-national organisations to deliver business transformation.

Sqreen

Sqreen

Sqreen is a web application security monitoring and protection solution helping companies protect their apps and users from attacks.

Trusted Objects

Trusted Objects

Trusted Object's mission is to provide state of the art security solutions and services enabling a strong root of trust for the IoT ecosystem.

SystemExperts

SystemExperts

SystemExperts is a premier provider of IT compliance and cyber security consulting services.

Cutting Edge Technologies (CE Tech)

Cutting Edge Technologies (CE Tech)

CE Tech is a Next Generation Technology Partner providing advanced technology infrastructure solutions through partnerships with leading technology providers.

Alertot

Alertot

Hackers attack minutes after a new vulnerability is published. Alertot helps to decrease exposure time in organizations by notifying new issues when they are disclosed.

Thistle Technologies

Thistle Technologies

Thistle Technologies is building tools that help connected device manufacturers build security resiliency into devices.

ARIA Cybersecurity Solutions

ARIA Cybersecurity Solutions

The ARIA ADR Automatic Detection & Response solution was designed to find, verify, and stop all types of attacks - automatically and in real time.

Quantum eMotion

Quantum eMotion

Quantum eMotion is a Montreal-based advanced developer leading the way towards a new generation of quantum-safe encryption for the quantum computing age.