Saturday, December 2, 2023

Massive Ryuk Ransomware Attack on Entire Computers of Jackson County, Georgia – $400,000 Ransom Paid

Rural Jackson County, Georgia computer systems are infected with Massive Ryuk ransomware attack that leads to shut down all the operations.

Since there is no way to recover the files back without the decryption key, officials paid $400,000 as a ransom amount to cybercriminals in order to recover the infected system.

Authorities Confirmed that the ransomware infected throughout all the department’s systems on March 1.

Threat actors used Ryuk, a powerful Ransomware to conduct this cyber attack and successfully infect all around IT systems that managed by Jackson County, Georgia.

Newly spreading Ryuk Ransomware campaign targeting various enterprise network around the globe and encrypting various data in storage, personal computers, and data center.

Mainly Ryuk distributed via massive spam campaigns and exploit kits and there is some specific operation such as extensive network mapping, hacking, and credential collection required before each operation.

In This case, Ransomware attack take down the entire county government’s email system is offline, and some departments, including law enforcement.

During the time in between attack and recovery, all the operation had to resort to conducting entirely on paper officials said to statescoop.

According to Sheriff Janis Mangum, “Everything we have is down,” “We are doing our bookings the way we used to do it before computers. We’re operating by the paper in terms of reports and arrest bookings. We’ve continued to function. It’s just more difficult.”

Initially, this attack publicly disclosed by county officials on 11alive and they confirmed that all departments were impacted. They’re now working to restore the 911 and emergency systems first.

Also Read: Ransomware Attack Response and Mitigation Checklist

“Since the attack includes our emails, communication has been tricky but our phones still work so we are doing everything possible to keep things running as smoothly as we can,” a spokesperson said by Facebook on Wednesday.

Since there is no way out $400,000 amount ransom were paid and County officials are in the process of decrypting computers and servers a week after the first signs of an attack, said Jackson County Manager Kevin Poe on Friday.

Attackers only demand to pay via bitcoin that makes impossible to track the attacker back ,so the county hired a cyber-security response consultant with experience in negotiating with hackers, Poe said.

Finally, consultants paid the ransom amount via bitcoin and also In dealing with the FBI and cybersecurity experts, this is one of the most sophisticated attacks they have ever seen in the U.S.,” Jackson County Manager Poe said.

Cyber criminals really well planned before execute this attack which crippled the entire system of Jackson County.

Its unclear that who was behind this massive attack, FBI believes that the group of cyber criminals operated this attack from eastern Europe.

Learn : Certified Advanced Persistent Threat Analyst online

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

A Scary Evolution & Alliance of TrickBot, Emotet and Ryuk Ransomware Attack

Hackers Spreading JCry Ransomware that Infecting Windows users via Compromised Websites

Ryuk Ransomware Attack on various Enterprise Network Around the World & Earned $640,000


Latest articles

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles