Ransomware, Content

Ransomware Attack: Georgia City Pays $380K Ransom to Hackers

The City of Cartersville, Georgia submitted a $380,000 payment in non-tradeable Bitcoins to hackers, along "with an additional $7,755.65 paid for transaction fees and negotiators," according to The Daily Tribune News. The payment came after the city experienced a Ryuk ransomware attack in May 2019.

Cartersville officials regained access to internal files affected by the ransomware attack within about 48 hours after the Bitcoin payment was made, City Manager Tamara Brock told the Daily Tribune News. The city's IT systems also were fully operational within six days of the attack.

A Closer Look at the Cartersville Ransomware Attack

Text messages between Cartersville city officials indicated that the ransomware attack occurred May 4, 2019, the Daily Tribune News reported. Approximately 3 TB of data were impacted by the cyberattack, and cybercriminals initially demanded a $2.8 million ransom.

No city employee or customer information was compromised in the ransomware attack, Brock stated. In addition, Cartersville utility services continued to operate during the ransomware attack, and no vulnerability in the city's cyber infrastructure was exploited by cybercriminals.

The FBI is investigating the Cartersville ransomware attack, and no arrests have been made in connection with the incident, Brock said. The cybersecurity breach also has not resulted in any employee terminations or disciplinary actions.

Cybercriminals use Ryuk to target organizations via email-based malware, endpoint protection platform provider CrowdStrike told the Daily Tribune News. To date, they have launched Ryuk attacks against hospitals, libraries, energy companies and other organizations across a wide range of industries.

Ransomware Attacks Multiple Georgia Towns, Cities

Multiple Georgia municipalities have suffered ransomware attacks in the past year or so.

Victims include:

The UK National Cyber Security Centre (NCSC) in 2019 issued a warning about Ryuk ransomware attacks, too. NCSC also has provided organizations with tips to help them combat Ryuk ransomware attacks.

The U.S. Conference of Mayors in July 2019 unanimously resolved to no longer pay any ransom to hackers, following a series of cyber shakedowns that have extorted millions from city governments.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.