The notorious gang ransomware LockBit took responsibility for a cyber attack at City of Wichita, in Kansas. The attack forced city officials to shut down IT systems used for electronic payment accounts, including court fines, water bills and public transport.
Last Sunday, May 5, 2024, city authorities announced that they were facing a catastrophic cyber attackafter a ransomware encrypted parts of its network. IT experts shut down several systems in order to stop the spread of the attack. This, however, affected several city departments.
“This decision was not taken lightly, but was necessary to ensure that the systems were safely tested before they were returned to service.", the statement said.
See also: Cannes Hospital attacked by LockBit Ransomware
The LockBit ransomware group claimed responsibility for the attack
The team LockBit ransomware added the city of Wichita to its extortion portal, threatening to publish all the stolen Archives on the website until 15 May 2024. According to the hackers, the city must pay the ransom to protect the data of.
In most cases, hackers give victims more time to negotiate before publicly threatening to leak data. However, the revelation of this leak comes just hours after the revealing the identity (for the first time) of the leader of ransomware firm LockBit. According to yesterday's announcement by the authorities, the 31-year-old Russian national Dmitry Yuryevich Khoroshev, who uses the online alias "LockBitSupp", is behind the management of LockBit.
The city of Wichita's quick listing on the group's extortion portal may be a retaliatory action for the recent businesses law enforcement. Beyond exposing the leader and imposing sanctions, the authorities had also hit the ransomware infrastructure, had recovered decryption keys and had arrested some members of the group. The gang returned with new infrastructure and continued the attacks, but it was all a serious blow.
Meanwhile, Wichita continues to have problems, with the latest update situation to say that the following services remain unavailable:
- Automatic payments for water bills are suspended.
- Problems with public Wi-Fi in some locations.
- Problems with electronic catalogue, bases data and some digital services of the Library.
- Problems with email communication over the city network for Library staff.
- And more.
See also: DragonForce ransomware: How is it related to LockBit?
Public services, including golf courses, parks, stadiums and the aquatic area, require residents to pay in cash or by check, while online platforms payments are closed.
In addition to the above, some public safety agencies have resorted to using "pen and paper" and Wichita Transit buses and landfill services can only accept cash payments.
While the city continues to investigate whether stolen data In the attack, the LockBit ransomware gang is known to steal data and threaten to leak it.
Protection from ransomware
One of the best ransomware protection techniques is the user education. Users should be aware of the ways in which ransomware can enter a system, such as phishing emails. They should be able to identify such threats.
The use of reliable antivirus software is also vital. This software can identify and remove ransomware before it can cause damage.
See also: LockBit ransomware leaks government contractor data
The tactical backup of data is another important protection technique. In case the system falls victim to ransomware, restoring data from a backup may be the only solution.
The use of software and operating system updates systems is also critical. Attackers often exploit vulnerabilities in older versions to install ransomware.
Finally, the use of network protection tools, such as firewalls and intrusion detection systems, can help prevent ransomware attacks.
Source : www.bleepingcomputer.com
