Jun 11, 2020 02:30 UTC
Jun 11, 2020 at 12:16 UTC
Alabama City Officials Intend To Pay Ransom Demanded by DoppelPaymer
Hold Security, a Wisconsin-based firm, first made the city aware of the danger DoppelPaymer posed to the city's IT infrastructure, as well as to its 40,000 residents.
Last Friday, Florence Mayor Steve Holt officially confirmed that the city's email system was hacked. Although he did not at first recognize that it was a ransomware attack, he confirmed by way of the KrebsOnSecurity report that DoppelPaymer was behind the attack on June 9.
The mayor confirmed that the hackers initially demanded 39 BTC ($378,000). With the help of an outside security firm, the city managed to reduce the price to 30 BTC ($291,000), with the caveat that if it does not pay the sum, the hackers will leak the data.
Brett Callow, a threat analyst at malware lab Emsisoft, commented:
“Despite being warned that its network had been compromised, Florence was nonetheless hit by ransomware due to the inadequacy of its response to the initial incident. Organizations cannot afford to be sloppy when it comes to remediating incidents. Completely rebuilding the networking is the only sure-fire way to ensure that an incident such as this does not become a ransomware event in which data is encrypted and possibly exfiltrated.”
The Hackers Usually Target Urban Communities’ IT Infrastructures
Callow says that the ransomware group has claimed various other victims, including Kimchuk, Visser Precision, and the City of Torrance.
DoppelPaymer is known as one of the ransomware operations that asks for the most money in its attacks, chiefly targeting businesses and government offices.
Alex Holden, chief information security officer of Hold Security, said:
“As we monitor many notorious cyber gangs, ransomware is the most preferred vector of attack because of ease of cashing out – paid by the victims themselves. Also, historically, a significant number of victims do not take alerting seriously and often do not follow the best practices ending up victimized regardless of advanced notice. Plus, the victims are not shy about paying ransom, as it became a ‘norm’ in our society today.”
Recently, the DoppelPaymer group managed to penetrate the network of Maryland-based Digital Management Inc. The company provides IT and digital security services to several Fortune 100 companies as well as government agencies such as NASA.