Monday, November 25, 2024
HomeRansomwareMassive Ryuk Ransomware Attack on Entire Computers of Jackson County, Georgia ...

Massive Ryuk Ransomware Attack on Entire Computers of Jackson County, Georgia – $400,000 Ransom Paid

Published on

Rural Jackson County, Georgia computer systems are infected with Massive Ryuk ransomware attack that leads to shut down all the operations.

Since there is no way to recover the files back without the decryption key, officials paid $400,000 as a ransom amount to cybercriminals in order to recover the infected system.

Authorities Confirmed that the ransomware infected throughout all the department’s systems on March 1.

- Advertisement - SIEM as a Service

Threat actors used Ryuk, a powerful Ransomware to conduct this cyber attack and successfully infect all around IT systems that managed by Jackson County, Georgia.

Newly spreading Ryuk Ransomware campaign targeting various enterprise network around the globe and encrypting various data in storage, personal computers, and data center.

Mainly Ryuk distributed via massive spam campaigns and exploit kits and there is some specific operation such as extensive network mapping, hacking, and credential collection required before each operation.

In This case, Ransomware attack take down the entire county government’s email system is offline, and some departments, including law enforcement.

During the time in between attack and recovery, all the operation had to resort to conducting entirely on paper officials said to statescoop.

According to Sheriff Janis Mangum, “Everything we have is down,” “We are doing our bookings the way we used to do it before computers. We’re operating by the paper in terms of reports and arrest bookings. We’ve continued to function. It’s just more difficult.”

Initially, this attack publicly disclosed by county officials on 11alive and they confirmed that all departments were impacted. They’re now working to restore the 911 and emergency systems first.

Also Read: Ransomware Attack Response and Mitigation Checklist

“Since the attack includes our emails, communication has been tricky but our phones still work so we are doing everything possible to keep things running as smoothly as we can,” a spokesperson said by Facebook on Wednesday.

Since there is no way out $400,000 amount ransom were paid and County officials are in the process of decrypting computers and servers a week after the first signs of an attack, said Jackson County Manager Kevin Poe on Friday.

Attackers only demand to pay via bitcoin that makes impossible to track the attacker back ,so the county hired a cyber-security response consultant with experience in negotiating with hackers, Poe said.

Finally, consultants paid the ransom amount via bitcoin and also In dealing with the FBI and cybersecurity experts, this is one of the most sophisticated attacks they have ever seen in the U.S.,” Jackson County Manager Poe said.

Cyber criminals really well planned before execute this attack which crippled the entire system of Jackson County.

Its unclear that who was behind this massive attack, FBI believes that the group of cyber criminals operated this attack from eastern Europe.

Learn : Certified Advanced Persistent Threat Analyst online

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

A Scary Evolution & Alliance of TrickBot, Emotet and Ryuk Ransomware Attack

Hackers Spreading JCry Ransomware that Infecting Windows users via Compromised Websites

Ryuk Ransomware Attack on various Enterprise Network Around the World & Earned $640,000

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting...

Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials

The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ...

XSS Vulnerability in Bing.com Let Attackers Send Crafted Malicious Requests

A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to...

Meta Removed 2 Million Account Linked to Malicious Activities

 Meta has announced the removal of over 2 million accounts connected to malicious activities,...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Helldown Ransomware Attacking VMware ESXi And Linux Servers

Helldown, a new ransomware group, actively exploits vulnerabilities to breach networks, as since August...

Phobos Ransomware Admin as Part of International Hacking Operation

The U.S. Department of Justice unsealed criminal charges today against Evgenii Ptitsyn, a 42-year-old Russian...

Black Basta Ransomware Leveraging Social Engineering For Malware Deployment

Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in...