You've successfully subscribed to INFIMA Security
Great! Next, complete checkout for full access to INFIMA Security
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.

Despite Warnings, City Thought They Were Safe

Despite warnings from cybersecurity professionals, the City of Florence suffered a brutal cyberattack.

The City of Florence, Alabama can't say they weren't warned!

It all started when the City's IT Manager fell for a Phish. They didn't remediate the problem in time. And now it has cost the city $300,000 in Bitcoin.

This all after a cybersecurity journalist notified the city of a likely threat 12 days BEFORE the attack occurred.

On May 26, KrebsOnSecurity contacted the office of Florence’s mayor to alert them that a Windows 10 system in their IT environment had been commandeered by a ransomware gang.

The warnings were treated like a hot potato. No one wants the stains of a cyberattack on their hands. To make matters worse, the City's IT Manager is the one who fell for a Phishing email!

The Florence IT manager's Microsoft Windows credentials were stolen on May 6 by a DHL-themed phishing attack and used to further compromise the city’s network.

So the attack started with the IT Manager's mistake, then allowed to continue when no one took the necessary actions. And in the end, the attackers hit the city with DoppelPaymer, a vicious Ransomware variant.

DoppelPaymer will steal reams of data from victims prior to launching the ransomware, and then threaten to publish or sell the data unless a ransom demand is paid.

Stealing data and threatening to release has become a very popular form of attack for hacker groups (see here and here)

“We were trying to get another [cybersecurity] response company involved, and that’s what we were trying to get through the city council on Friday when we got hit.”

Unfortunately, the city was simply too late in getting protected. In fact, the hacker group might have been in their network for weeks before launching the ransomware attack.

“It appears they may have been in our system since early May — over a month going through our system." - Florence Mayor Steve Holt

Local governments are already over-burdened, even when not dealing with a Pandemic. The next step is preparing your employees to address this Ransomware problem with Security Awareness Training. (Texas did so here)

Are you ready to take action?
You already have a lot on your plate, so we make it easy. Find out how to protect your team with INFIMA's Automated Security Awareness platform.

To get a quote, set up a call with our (non-pushy) team here!

Original articles here and here.
[https://krebsonsecurity.com/2020/06/florence-ala-hit-by-ransomware-12-days-after-being-alerted-by-krebsonsecurity/]
[https://www.securityweek.com/alabama-city-pay-300000-ransom-computer-system-hack]

GovernmentSales
Joel Cahill

Joel Cahill

Cybersecurity enthusiast. Entrepreneur.

You might also like

Criminal Courts Hacked, Docs Leaked

Criminal Courts Hacked, Docs Leaked

With Courts sending and receiving tons of email with attachments, they are a ripe target for a crafty Phish.

Joel Cahill
Joel Cahill
Legal
What Do Canon, Jack Daniels and Carnival Cruises Have In Common?

What Do Canon, Jack Daniels and Carnival Cruises Have In Common?

You may patronize each of these companies on vacation, and now hackers are taking a lot of that money for themselves.

Joel Cahill
Joel Cahill
Hospitality

Featured Posts

CIS Control 14 and Security Awareness Training

CIS Control 14 and Security Awareness Training

Let's Dig In: Security Awareness & Compliance

Let's Dig In: Security Awareness & Compliance

Cyber Insurers Tighten Requirements

Cyber Insurers Tighten Requirements