An unnamed US county paid $1M extortion demand to cybercriminals


A US county reportedly paid $1 million to Kairos, an extortion gang that claimed to have stolen more than 2 TB of data, but the county never received independently verifiable proof that the stolen files had been deleted – just the criminals’ promise.

This means the county’s stolen files may turn up for sale on a dark web forum, and the same (or another) crime crew could again demand an extortion payment to not leak the data.

It’s also a reminder that, despite the feds urging victims not to pay cybercriminals, sometimes coughing up the ransom demand seems to be the lesser of evils.

Read more…
Source:  The Register


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Largest water utility company in the US says it was targeted by a cyberattack

    October 8, 2024

    American Water Works, the nation’s largest regulated water and wastewater utility company, announced Monday that it was hit by a cyberattack earlier this month, prompting it to pause billing for its millions of customers. The Camden, New Jersey-based utility company said it became aware of “unauthorized activity” in their computer networks and systems last Thursday, which ...

  • U.S. Wiretap Systems Targeted in China-Linked Hack

    October 5, 2024

    A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests. For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data, according to ...

  • DHS: Cyber Cops Stopped 500 Ransomware Hacks Since 2021

    October 4, 2024

    A cybercrime-focused division of the US Department of Homeland Security says it has disrupted more than 500 ransomware attacks and seized billions of dollars in cryptocurrency since 2021. The ongoing effort from Homeland Security Investigations, which investigates cybercrime and illicit transnational activity, involves proactively notifying government agencies, companies and other potential victims that an extortion event ...

  • About a quarter million Comcast subscribers had their data stolen from debt collector

    October 4, 2024

    Comcast says data on 237,703 of its customers was in fact stolen in a cyberattack on a debt collector it was using, contrary to previous assurances it was given that it was unaffected by that intrusion. That collections agency, Financial Business and Consumer Solutions aka FBCS, was compromised in February, and according to a filing with ...

  • CISA flags major Ivanti security flaw – patch now

    October 3, 2024

    The US Cybersecurity and Infrastructure Security Agency (CISA) has added a known Ivanti bug to its Known Exploited Vulnerabilities (KEV) catalog, signalling that it’s being actively abused in the wild. The bug that was just added is an SQL Injection vulnerability, found this spring in the Core server of Ivanti Endpoint Manager (EPM) 2022 SU5 and ...

  • Principles of operational technology cyber security

    October 1, 2024

    Critical infrastructure organisations provide vital services, including supplying clean water, energy, and transportation, to the public. These organisations rely on operational technology (OT) to control and manage the physical equipment and processes that provide these critical services. As such, the continuity of vital services relies on critical infrastructure organisations ensuring the cyber security and safety ...