The Canadian city of St. Marys, Ontario, has been hit by a ransomware assault that has locked employees out of inner methods and encrypted knowledge.
The small city of round 7,500 residents appears to be the newest goal of the infamous LockBit ransomware group. On July twenty second, a publish on LockBit’s darkish web page listed townofstmarys.com as a sufferer of the ransomware and previewed recordsdata that had been stolen and encrypted.
In a telephone name, St. Marys Mayor Al Strathdee instructed The Verge that the city was responding to the assault with the assistance of a group of consultants.
“To be trustworthy, we’re in considerably of a state of shock,” Strathdee mentioned. “It’s not a very good feeling to be focused, however the consultants we’ve employed have recognized what the risk is and are strolling us via the best way to reply. Police have an interest and have devoted assets to the case … there are folks right here engaged on it 24/7.”
Strathdee mentioned that after methods have been locked, the city had acquired a ransom demand from the LockBit ransomware gang however had not paid something to this point. Generally, the Canadian authorities’s cybersecurity steering discouraged the paying of ransoms, Strathdee mentioned, however the city would comply with the incident group’s recommendation on the best way to interact additional.
Screenshots shared on the LockBit website present the file construction of a Home windows working system, containing directories comparable to municipal operations like finance, well being and security, sewage therapy, property recordsdata, and public works. Per LockBit’s customary working strategies, the city was given a deadline by which to pay to have their methods unlocked or else see the info printed on-line.
Brett O’Reilly, communications supervisor for the city of St. Marys, directed The Verge to a press statement issued by St. Marys wherein the city gave additional particulars. Per the assertion, important municipal companies like transit and water methods have been unaffected by the incident, and the city is making an attempt to unlock IT methods and restore backup knowledge.
In keeping with an evaluation by Recorded Future, the LockBit group alone took credit score for 50 ransomware incidents in June 2022, making it essentially the most prolific world ransomware group. In actual fact, St. Marys is the second small city to be focused by LockBit within the house of simply over per week: on July 14th, LockBit listed knowledge from the city of Frederick, Colorado (inhabitants 15,000) as having been hacked, a declare that’s presently under investigation by town officials. The LockBit itemizing for Frederick presently calls for a ransom of $200,000 to not publish the info.
More and more, smaller municipalities are discovering themselves the targets of refined world ransomware teams with intensive technical data and assets. In March, the FBI cyber division published a notification to non-public trade companions of presidency companies, noting that ransomware assaults have been “straining native US governments and public companies.”