An unnamed US county paid $1M extortion demand to cybercriminals


A US county reportedly paid $1 million to Kairos, an extortion gang that claimed to have stolen more than 2 TB of data, but the county never received independently verifiable proof that the stolen files had been deleted – just the criminals’ promise.

This means the county’s stolen files may turn up for sale on a dark web forum, and the same (or another) crime crew could again demand an extortion payment to not leak the data.

It’s also a reminder that, despite the feds urging victims not to pay cybercriminals, sometimes coughing up the ransom demand seems to be the lesser of evils.

Read more…
Source:  The Register


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Tulsa warns of data breach after Conti ransomware leaks police citations

    June 23, 2021

    The City of Tulsa, Oklahoma, is warning residents that their personal data may have been exposed after a ransomware gang published police citations online. In early May, Tulsa suffered a ransomware attack that led to the City shutting down its network to prevent the spread of the malware. The attack disrupted Tulsa’s online bill payment systems, utility ...

  • Russia to work with US on identifying hackers as part of an agreement, FSB chief says

    June 23, 2021

    Russia will cooperate with the United States in the field of identifying ransomware hackers as part of an agreement between the two countries’ presidents, Director of Russia’s Federal Security Service Alexander Bortnikov said in his opening remarks at the IX Moscow Conference on International Security. “We are carrying out steps as part of the agreements reached ...

  • Kremlin spokesman lists top countries where cyber attacks originate

    June 17, 2021

    Kremlin Spokesman Dmitry Peskov has prepared a list of the top countries, where cyber attacks originate, at the request of Russian President Vladimir Putin, handing over this list to reporters. “In the first half of 2020, the leaders among all countries where all types of cyber attacks originated are: the US, Canada, Brazil, Mexico, the UK,” ...

  • Biden gave Putin list of 16 critical infrastructure entities ‘off limits’ to cyberattacks

    June 17, 2021

    President Biden told reporters Wednesday he gave President Vladimir Putin a list of 16 critical infrastructure entities that are “off limits” to a Russian cyberattack. Those entities include energy, water, health care, emergency, chemical, nuclear, communications, government, defense, food, commercial facilities, IT, transportation, dams, manufacturing and financial services. “We’ll find out whether we have a cybersecurity arrangement ...

  • Billions of records belonging to CVS Health exposed online

    June 16, 2021

    In another example of misconfigured cloud services impacting security, billions of records belonging to CVS Health have been exposed online. On Thursday, WebsitePlanet, together with researcher Jeremiah Fowler, revealed the discovery of an online database belonging to CVS Health. The database was not password-protection and had no form of authentication in place to prevent unauthorized entry. Upon ...

  • The AN0M fake secure chat app may have been too clever for its own good

    June 14, 2021

    Late last week, FBI International Operations Division legal attaché for Australia Anthony Russo added another important piece of information: speaking to Australian newspapers he said one reason for discontinuing use of AN0M was that it produced too much intelligence. “The volume was increasing at a scale and our ability to resource it and monitoring ...