According to city officials, the Russian group LockBit is behind this cyberattack. The first examples of its activity date back to 2019.

what is known

• Encryption ransomware denied employees access to internal systems and data that was now encrypted.
• Apparently, the attackers had access to all residents’ data – close 7.5 thousand people.
• In general, they reported receipts on their website 67 gigabytes of dataincluding confidential information and financial documents.
• st. Marys officials learned of the attack around 11:00 am on July 20, 2022 and quickly shut down the city’s yet unaffected IT systems to isolate the network and prevent further damage.
• According to the administration, municipal services and the city’s transport, water supply and drainage systems were not affected and are operating as usual.

The countdown timer showed The city has until noon on July 30 to pay the ransom., otherwise the data will be published. The exact amount of the ransom is unknown, and it is unknown whether his city will pay it. However, cybersecurity consultants and lawyers advise against it.

LockBit: known

• This is a well-known Russian group that distributes encryption programs on the basis of “virus as a service” and actually leases its virus to other hackers. Therefore, St. The possibility remains that the attack on Marys was behind their customers and not the creators themselves.
• In 2021, cybersecurity experts Emsisoft estimated that LockBit has carried out more than 39,000 attacks since its inception.
• Criminals target organizations of all sizes, from small businesses to corporate businesses.