Categories: Ransomware

Massive Ryuk Ransomware Attack on Entire Computers of Jackson County, Georgia – $400,000 Ransom Paid

Rural Jackson County, Georgia computer systems are infected with Massive Ryuk ransomware attack that leads to shut down all the operations.

Since there is no way to recover the files back without the decryption key, officials paid $400,000 as a ransom amount to cybercriminals in order to recover the infected system.

Authorities Confirmed that the ransomware infected throughout all the department’s systems on March 1.

Threat actors used Ryuk, a powerful Ransomware to conduct this cyber attack and successfully infect all around IT systems that managed by Jackson County, Georgia.

Newly spreading Ryuk Ransomware campaign targeting various enterprise network around the globe and encrypting various data in storage, personal computers, and data center.

Mainly Ryuk distributed via massive spam campaigns and exploit kits and there is some specific operation such as extensive network mapping, hacking, and credential collection required before each operation.

In This case, Ransomware attack take down the entire county government’s email system is offline, and some departments, including law enforcement.

During the time in between attack and recovery, all the operation had to resort to conducting entirely on paper officials said to statescoop.

According to Sheriff Janis Mangum, “Everything we have is down,” “We are doing our bookings the way we used to do it before computers. We’re operating by the paper in terms of reports and arrest bookings. We’ve continued to function. It’s just more difficult.”

Initially, this attack publicly disclosed by county officials on 11alive and they confirmed that all departments were impacted. They’re now working to restore the 911 and emergency systems first.

Also Read: Ransomware Attack Response and Mitigation Checklist

“Since the attack includes our emails, communication has been tricky but our phones still work so we are doing everything possible to keep things running as smoothly as we can,” a spokesperson said by Facebook on Wednesday.

Since there is no way out $400,000 amount ransom were paid and County officials are in the process of decrypting computers and servers a week after the first signs of an attack, said Jackson County Manager Kevin Poe on Friday.

Attackers only demand to pay via bitcoin that makes impossible to track the attacker back ,so the county hired a cyber-security response consultant with experience in negotiating with hackers, Poe said.

Finally, consultants paid the ransom amount via bitcoin and also In dealing with the FBI and cybersecurity experts, this is one of the most sophisticated attacks they have ever seen in the U.S.,” Jackson County Manager Poe said.

Cyber criminals really well planned before execute this attack which crippled the entire system of Jackson County.

Its unclear that who was behind this massive attack, FBI believes that the group of cyber criminals operated this attack from eastern Europe.

Learn : Certified Advanced Persistent Threat Analyst online

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

A Scary Evolution & Alliance of TrickBot, Emotet and Ryuk Ransomware Attack

Hackers Spreading JCry Ransomware that Infecting Windows users via Compromised Websites

Ryuk Ransomware Attack on various Enterprise Network Around the World & Earned $640,000

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…

7 hours ago

Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials

The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced…

7 hours ago

XSS Vulnerability in Bing.com Let Attackers Send Crafted Malicious Requests

A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…

10 hours ago

Meta Removed 2 Million Account Linked to Malicious Activities

 Meta has announced the removal of over 2 million accounts connected to malicious activities, including…

13 hours ago

Veritas Enterprise Vault Vulnerabilities Lets Attackers Execute Arbitrary Code Remotely

Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…

14 hours ago

7-Zip RCE Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip, allowing…

14 hours ago