Ransomware gang Cloak today claimed responsibility for a February 2025 cyber attack on the Attorney General of Virginia that prompted officials to shut down computer systems including email, VPN, internet access, and the AG’s website.
In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:
“Cloak is a ransomware group that first started claiming its cyberattacks in August 2023. Its malware both steals data and locks down computer systems, forcing victims to pay a ransom or face extended downtime, data loss, and putting data subjects at increased risk of fraud.”
“Since it began, Cloak has claimed 13 confirmed ransomware attacks and 54 unconfirmed attacks that weren’t acknowledged by the targeted organizations. This attack on the Virginia attorney general is Cloak’s first confirmed attack in 2025. Ransomware attacks on US government agencies and departments can both steal data and lock down computer systems. The attacker then demands a ransom to delete the stolen data and in exchange for a key to recover infected systems. If the target doesn’t pay, it could take weeks or even months to restore systems, and people whose data was stolen are put at greater risk of fraud. Ransomware can disrupt everything from communications to billing, payroll, access to data and applications, and online services.”
“Comparitech researchers have logged 10 confirmed ransomware attacks on US government agencies in 2025 so far. Earlier this week, we confirmed Qilin’s attack on the Cleveland Municipal Court, which is still facing service disruptions three weeks later.”
Additionally, Comparitech recently released two studies looking into the impacts of ransomware attacks against US and worldwide government organizations. Those are worth a read.
Like this:
Like Loading...
Related
This entry was posted on March 20, 2025 at 2:00 pm and is filed under Commentary with tags Comparitech. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Ransomware Gang Cloak Claims To Have Pwned VA Attorney General
Ransomware gang Cloak today claimed responsibility for a February 2025 cyber attack on the Attorney General of Virginia that prompted officials to shut down computer systems including email, VPN, internet access, and the AG’s website.
In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:
“Cloak is a ransomware group that first started claiming its cyberattacks in August 2023. Its malware both steals data and locks down computer systems, forcing victims to pay a ransom or face extended downtime, data loss, and putting data subjects at increased risk of fraud.”
“Since it began, Cloak has claimed 13 confirmed ransomware attacks and 54 unconfirmed attacks that weren’t acknowledged by the targeted organizations. This attack on the Virginia attorney general is Cloak’s first confirmed attack in 2025. Ransomware attacks on US government agencies and departments can both steal data and lock down computer systems. The attacker then demands a ransom to delete the stolen data and in exchange for a key to recover infected systems. If the target doesn’t pay, it could take weeks or even months to restore systems, and people whose data was stolen are put at greater risk of fraud. Ransomware can disrupt everything from communications to billing, payroll, access to data and applications, and online services.”
“Comparitech researchers have logged 10 confirmed ransomware attacks on US government agencies in 2025 so far. Earlier this week, we confirmed Qilin’s attack on the Cleveland Municipal Court, which is still facing service disruptions three weeks later.”
Additionally, Comparitech recently released two studies looking into the impacts of ransomware attacks against US and worldwide government organizations. Those are worth a read.
Share this:
Like this:
Related
This entry was posted on March 20, 2025 at 2:00 pm and is filed under Commentary with tags Comparitech. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.