2 min read

City of Cartersville Admits Paying Ryuk Ransomware Operators $380,000

Filip TRUȚĂ

March 02, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
City of Cartersville Admits Paying Ryuk Ransomware Operators $380,000

Almost a year after getting infected with ransomware, the City of Cartersville in the U.S. State of Georgia this week admitted to paying ransomware operators $380,000 to unlock its systems.

Cartersville reportedly got infected in early May last year when it saw “3 terabytes worth of data” vanish from city computers and servers. The city recovered within a week, but only after paying their cyber-aggressors to the tune of $380,000 in non-tradable Bitcoins, “with an additional $7,755.65 paid for transaction fees and negotiators,” according to the documents obtained by The Daily Tribune News.

The incident was made public this week after the news outlet filed an Open Records Request. Records obtained in the wake of such a request are documents that are supposed to be made available to members of the public on request. Each of the fifty states has its own set of laws governing which documents are considered public.

The payout is reportedly much lower than the amount demanded by the attackers. According to Assistant City Attorney Keith Lovell, the sum sought by the hackers was initially $2.8 million. The cybercrooks reportedly used Ryuk ransomware in the attack on Cartersville, a ransomware strain notoriously used in attacks on government and state institutions, and sometimes on critical infrastructures, including oil pipelines and hospitals.

City Manager Tamara Brock couldn”t confirm exactly how the attackers breached city systems. However, all signs point to a negligent city employee clicking on a malicious file in an email.

“What we basically have kind of narrowed it down to is it started as an email string, most likely, and came in when a file was clicked on,” Brock said.

The case is under investigation by the FBI.

Studies consistently show that employees are the most vulnerable link in a cyberattack. And according to a study commissioned by Bitdefender in 2019, companies placing more emphasis on cyber-training their employees are proportionally better at detecting and stopping an unfolding attack.

Fittingly, Cartersville is now regularly testing employees with intentional phishing emails to teach them how to recognize those for training purposes. The City has also migrated to a new email filtering provider, added monitoring software, and implemented a new protocol to help personnel “weed out malicious emails from their inboxes,” according to the report.

tags


Author



Right now

Top posts

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

EU to Enforce Stricter Cybersecurity Regulations for IoT Devices and Software EU to Enforce Stricter Cybersecurity Regulations for IoT Devices and Software
Silviu STAHIE

September 20, 2022

1 min read
Hacker Posts GTA VI Videos on GTAForums, Claims to Have Stolen Source Code Hacker Posts GTA VI Videos on GTAForums, Claims to Have Stolen Source Code
Silviu STAHIE

September 19, 2022

1 min read
Starbucks Singapore warns customers after hacker steals data, offers it for sale on underground forum Starbucks Singapore warns customers after hacker steals data, offers it for sale on underground forum
Graham CLULEY

September 16, 2022

1 min read