«
»

Town Of St. Mary’s Ontario Pwned By LockBit Ransomware Group

The Verge is reporting that the Town of St. Mary’s Ontario has apparently become the latest victim of the LockBit ransomware group:

In a phone call, St. Marys Mayor Al Strathdee told The Verge that the town was responding to the attack with the help of a team of experts.

“To be honest, we’re in somewhat of a state of shock,” Strathdee said. “It’s not a good feeling to be targeted, but the experts we’ve hired have identified what the threat is and are walking us through how to respond. Police are interested and have dedicated resources to the case … there are people here working on it 24/7.”

Strathdee said that after systems were locked, the town had received a ransom demand from the LockBit ransomware gang but had not paid anything to date. In general, the Canadian government’s cybersecurity guidance discouraged the paying of ransoms, Strathdee said, but the town would follow the incident team’s advice on how to engage further.

Screenshots shared on the LockBit site show the file structure of a Windows operating system, containing directories corresponding to municipal operations like finance, health and safety, sewage treatment, property files, and public works. Per LockBit’s standard operating methods, the town was given a deadline by which to pay to have their systems unlocked or else see the data published online.

Small towns are now the target of groups like LockBit as it’s thought that they can’t defend themselves as well as big cities. Eddy Bobritsky, CEO, Minerva Labs had this comment:

Without the proper security software it can be very difficult to recover from a ransomware attack without paying the ransom. Ransomware attacks often lie in the network for months before activating, which means that if you’re relying on backups to recover, chances are you’ve also backed up the ransomware itself. So as soon as you restore the backup, you’ll just get reencypted straight away. Without proactive ransomware prevention software, this process becomes very tedious and ineffective.

The more positive news is that essential municipal services like transit and water systems are still up and running, and the town is attempting to unlock their systems and restore backup data. So there may be a way out for them. But this incident illustrates that everyone needs to be on guard so that they don’t get pwned.

This entry was posted on July 25, 2022 at 11:28 am and is filed under Commentary with tags . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Town Of St. Mary’s Ontario Pwned By LockBit Ransomware Group”

  1. LockBit Pwns Again…. This Time It’s Italy’s Tax Agency Who Gets Pwned | The IT Nerd Says:
    July 26, 2022 at 9:42 am

    […] The LockBit ransomware group has been on a rampage as of late. The group has once again claimed to have stolen mass amounts of data, this time from Italy’s tax agency. The 78GB haul stolen from the Italian Revenue Agency was added to its dark web leak site. The ransomware gang has given the Agency five days to pay the ransomware to avoid the leak of stolen data. This is after the Town Of St. Mary’s Ontario was apparently pwned by the group. […]

    Reply

Leave a Reply

%d bloggers like this: