Delaware Pays $500,000 Ransom

Uploaded on 2020-12-02 in TECHNOLOGY--Hackers, GOVERNMENT-Local, FREE TO VIEW

Pennsylvania’s Delaware County  is paying five hundred thousand dollars to extortionists who locked down its local government network following a cyber attack that  disrupted its computer network.

Hackers succeeded in compromising systems containing sensitive information, including police reports and payroll. 

The ransomware used is understood to be DoppelPaymer, a known virus that shares a large  part of its code and functionalities with BitPaymer malware. DoppelPaymer ransomware is reported to have been used recently against the TV production company Endemol Shine Group and several other organisations.

“We commenced an immediate investigation that included taking certain systems offline and working with computer forensic specialists to determine the nature and scope of the event. We are working diligently to restore the functionality of our system... The investigation is ongoing and we are working with computer forensic specialists to understand the full nature and scope of the event and confirm accurate information before sharing the details. County employees have been notified and provided with information and instructions." the County said in a statement.

Hackers  gained control of the network over the weekend of 20th November, encrypting files, including police reports, payroll, purchasing and other databases.

Sources said the county is in the process of paying the $500,000 demanded to release the encrypted data and that the has cyber insurance which will compensate for the ransom pay out.

Delaware County’s decision to pay up might well give the same attackers an extra incentive to attack public sector and healthcare organisations in the country over the coming months and Ransomware remains one of the most dangerous and persistent threats that local governments face.

Ransom attacks have been proliferating across the  US public sector over the past year, most notably aginst  the City of Atalanta, also New Orleans, as well as several other municipalities and institutions. Internationally, other significant victims have include the Johannesburg.

Local governments are often under pressured to pay ransom because of the impact on critical services like police and healthcare and so long as victims keep paying, ransomware groups will keep launching attacks.

Ransomware was the largest cause of cyber insurance claims in North America in the first half of 2020, accounting for over two-fifths (41%), although the growing take-up of cyber insurance policies runs the risk of encouraging cyber criminals, as it makes it more likely that victims will pay-up to regain access to networks quickly.

Delaware County:      6ABC:      Infosecurity Magazine:       2-Spyware:        Security Affairs:            

You Might Also Read: 

US Bombarded With Ransomware

 

« Britain Bans Huawei 5G
SSL Encryption For Big Data Security In Cloud Computing »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

International Conference on Information Systems Security & Privacy (ICISSP)

International Conference on Information Systems Security & Privacy (ICISSP)

The ICISSP event is a meeting point for researchers and practitioners to address security and privacy challenges concerning information systems.

CLUSIL

CLUSIL

CLUSIL is an association for the information security industry in Luxembourg.

Nullcon

Nullcon

Nullcon provides an integrated platform for exchanging information on the latest attack vectors, zero-day vulnerabilities and unknown threats.

netfiles

netfiles

netfiles offers highly secure data rooms for sensitive business processes and secure data exchange.

Red Sift

Red Sift

Red Sift is the only integrated cloud email and brand protection platform, supporting organizations to secure their communications.

CSC Digital Brand Services

CSC Digital Brand Services

Our brand protection and security expertise give our customers peace of mind that no matter how fast the digital world changes, their intellectual property and digital assets will be secure.

Enso Security

Enso Security

Enso is the first Application Security Posture Management (ASPM) solution, helping security teams everywhere eliminate their AppSec chaos with application discovery, classification and management.

Belcan

Belcan

Belcan is a global supplier of engineering, manufacturing & supply chain, workforce and government IT solutions to customers in the aerospace, defense, automotive, industrial, and private sector.

Ostendio

Ostendio

Ostendio is a cybersecurity and information management solutions provider that develops affordable compliance solutions for digital health companies and other regulated entities.

Navisite

Navisite

Navisite is a combination of eight respected IT consulting and managed service providers that were brought together under the Navisite brand.

Agile Defense

Agile Defense

Agile Defense is an Information Technology services provider, delivering leading-edge Digital Transformation solutions to the Federal Government.

SecurityLoophole

SecurityLoophole

SecurityLoophole is an independent cyber security news platform with global coverage. Latest updates, reports, news and events related to cyber security.

Closed Door Security

Closed Door Security

Closed Door Security is the only cybersecurity team in the north of Scotland offering everything from IASME Certification to CREST-Accredited penetration testing.

Ampsight

Ampsight

Ampsight specializes in enabling cloud integration, securing data, and navigating complications that drive critical-mission success.

Fernao Group

Fernao Group

Fernao offer you all solutions from a single source - from cyber security, business resilience and digital infrastructure to cloud technologies and pentesting.

Black Alps

Black Alps

Black Alp's mission is to promote cybersecurity through the organization of dedicated events.