September 29, 2023

Ransomware continues to plague regional governments within the U.S., with a Wisconsin county saying a “catastrophic software program failure” following an alleged LockBit ransomware assault, and a California metropolis declaring a state of emergency over a cyber incident that started final week.

Authorities companies in northern Wisconsin’s Langlade County shared pressing messages on social media on July 11 warning that they have been coping with extreme expertise failures. The problems weren’t attributed to a cyberattack however the LockBit ransomware group added the county to its record of victims this weekend, threatening to leak all knowledge stolen from the federal government by August 1.

“Langlade County Sheriff’s Workplace is experiencing a catastrophic software program failure. All telephone strains are non-functioning. 911 requires help might be rerouted and dealt with,” the native sheriff’s workplace mentioned final week, offering a short lived telephone quantity for these in want of help.

Picture: A posting by LockBit to its leak website.

Alerts have been shared by the Langlade County Well being Division, Langlade County Emergency Administration and the police division of county seat Antigo. Not one of the companies responded to requests for remark about whether or not they have been additionally coping with technical points associated to the problems going through the sheriff’s workplace.

The county has a inhabitants of about 20,000 folks.

Whereas information in current weeks has centered on ransomware gangs like Clop and Black Cat, LockBit has continued its unprecedented run of assaults on organizations Two weeks in the past the gang made waves with a $70-million ransom demand after attacking a provider for one of many world’s largest chip producers.

U.S. companies lately mentioned LockBit has claimed duty for not less than 1,653 ransomware assaults, primarily based on victims posted to its leak website, and introduced in not less than $91 million in ransoms from U.S. victims since its first reported assault within the nation in January 2020.

The group has made some extent of going after native governments, launching assaults on small cities in Colorado, Florida and Ohio, in addition to bigger cities like Oakland.

Simply south of Oakland, town of Hayward found a ransomware assault final week, though no group has but claimed it. The town council formally declared a state of emergency on Thursday, which “permits for better flexibility in government decision-making, deployment of Metropolis staff, and acquisition of wanted tools, provides and different assets.”

“It additionally is usually a prerequisite to and streamline reimbursement of sure prices related to responding to the incident,” the Hayward Metropolis Council mentioned.

“Since discovery of the cyber intrusion early Sunday morning, the Metropolis has maintained important companies, together with 9-1-1 emergency dispatch, police, firefighter and emergency-medical response, water and sewer operations, and upkeep companies. Entry to the Metropolis web site and e-mail site visitors into Metropolis places of work have been restored after being turned off as precautionary measures.”

Final week, Hayward Metropolis Supervisor and Emergency Providers Director Kelly McAdoo defined that she decided an emergency declaration is warranted “by advantage of the acute peril to the security of individuals and property within the Metropolis attributable to a cybersecurity assault, together with makes an attempt to disrupt and maintain hostage facets and parts of Metropolis pc programs and networks.”

The decision permitted final week lasts for seven days, giving officers time to mobilize bigger forces to handle the cyberattack.

The town of greater than 160,000 residents was pressured to close off its web site and several other on-line municipal portals in response to the cyberattack

Whereas some metropolis web sites have been restored many are nonetheless struggling to come back again on-line.

Emsisoft ransomware skilled Brett Callow mentioned not less than 47 native governments within the U.S. have been impacted by ransomware this 12 months. Along with the assault on Hayward, the Utah metropolis of West Jordan and North Carolina’s Cornelius each confronted cyber incidents associated to ransomware.

Get extra insights with the

Recorded Future

Intelligence Cloud.

Be taught extra.

Jonathan Greig

Jonathan Greig is a Breaking Information Reporter at Recorded Future Information. Jonathan has labored throughout the globe as a journalist since 2014. Earlier than transferring again to New York Metropolis, he labored for information shops in South Africa, Jordan and Cambodia. He beforehand coated cybersecurity at ZDNet and TechRepublic.