Tag Archive for: Fulton

Site run by cyber criminals behind Fulton County ransomware attack taken over

/in


Fulton County hacker site taken offline

A hacking group that claims to be behind Fulton County’s ransomware attack has been taken offline buy international law enforcement.

FULTON COUNTY, Ga.International officials believe they have gotten to the bottom of a cyberattack in Fulton County.

On Monday, a website belonging to a group of accused cyber criminals who claimed responsibility for the ransomware incident in Fulton County was taken down by the National Crime Agency of the UK.

The international law enforcement group working in conjunction with the FBI says they will report more information about the takeover on Feb. 20.

Lockbit website reportedly taken over by The National Crime Agency of the UK. This screenshot was taken on Feb. 19, 2024.

What Fulton County systems are impacted by the cyberattack?

Officials say the cyberattack in late January affected the county’s phone system, court system, tax system and jailhouse.

“A number of our primary technology platforms are affected by this incident,” Fulton County Board of Commissioners Chairman Robb Pitts said. Two weeks later, officials revealed that the attack may have been financially motivated.

Was my personal information compromised during Fulton County ransomware attack?

Fulton County did not say what information hackers might have, but according to a screenshot from the alleged hacking group’s website posted on social media, it might include confidential documents and personal data of citizens.

Last week, the Lockbit group threatened to release the data they stole.

The hackers gave Fulton County until Feb. 16 to pay a ransom. FOX 5 Atlanta reached out to determine whether it was paid, but has not received an answer.

“If we determine sensitive personal information was involved in this incident, we will notify those parties in accordance with legal requirements,” Pitts said.

The county says the investigation is ongoing and warns the situation is not unique to Fulton County.

“Incidents like these are on the rise across the United States and the world, particularly in local governments and we at Fulton County are no exception,” Pitts said.

In the meantime, Fulton County officials say they are working to strengthen…

Source…

Did Fulton County pay in the ransomware attack?

/in


Fulton’s External Affairs department did not respond to questions about the possible ransom payment Friday, instead posting social media updates on Arbor Day and county office closures for Presidents’ Day.

Public announcements of such ransom payments are rare and often low-key, but that doesn’t mean they’re uncommon, said Doug Milburn, founder and president of Canadian security software firm 45Drives.

“Paying up is what happens,” he said. “It’s really the only option.”

A payment through cybersecurity insurance doesn’t require further formal action by the government, since it involves no appropriation of funds beyond the regular insurance premium, Milburn said.

Payments in Bitcoin are now the standard for ransomware attacks, he said.

Notorious hacking group LockBit claimed responsibility for the attack, which took took down many county systems the weekend of Jan. 27.

In a posting on the dark web, LockBit hackers set a deadline of 12:47 a.m. Friday for the county to prevent release of sensitive data. No ransom was specified, but county officials confirmed this week that the attack was ransomware, meaning a demand may have been sent privately to the county.

The hackers posted more than two dozen screen shots of apparently stolen data; some of it was of documents available to the public, but other posts seemed to be from the inner workings of county computer systems.

As the deadline passed Friday, the countdown clock disappeared followed by the disappearance of the screenshots. Yet LockBit hackers posted deadlines for new targets, and expired posts on other previous victims remained up.

Jack Danahy, vice president of Strategy & Innovation for Vermont-based cybersecurity firm NuHarbor Security, said it looks like to him that “some agreement” was reached with the attackers, judging by county officials’ vague but shifting descriptions of the situation over the past three weeks. Commissioners twice went into closed-door executive sessions recently, only to come out without taking any official action or answering questions.

“Given that the LockBit group’s threat to reveal information has been taken down, and that there has been no broad publication of stolen data, to me…

Source…

Hackers Remove Threat to Post Stolen Fulton County Data

/in


(TNS) — The countdown clock on a website containing screenshots of information stolen from Fulton County servers two weeks ago hit zero at 12:47 a.m. Friday, and then disappeared.

On a list of nearly 1,000 government and corporate victims of the LockBit hacking group, the status of the Fulton County data release was “published” but no download link appeared.

By 1:15 a.m., the Fulton County data post had vanished from the site.


It’s unclear if a ransom was paid or if the hacking group was updating the site with the stolen data. The county first announced a breach of its servers on January 29.

Earlier this week, the group posted two dozen screenshots of seemingly legitimate county documents as well as information about servers maintained by the county. On the same page, in bold red type, was a deadline: “16 Feb, 2024 05:47:29 UTC” — or 12:47 a.m. Eastern time on Friday.

In their initial post claiming responsibility for the hack, the group wrote that the data would “reveal lists of individuals responsible for confidentiality” and “show documents related to access to the state citizens’ personal data.”

On Wednesday, County Commission Chairman Rob Pitts said that personal information may have been compromised in the ransomware attack.

The website, accessible only through a browser capable of decrypting content on the dark web, lists nearly 1,000 other governments, companies and websites that are alleged victims of LockBit’s ransomware attacks.

The website also provides visitors with information on how to contact the hackers, as well as a link with instructions on how to purchase Bitcoin. No ransom amount was listed for the Fulton County data, but at least one company’s data is available for purchase or deletion for $800,000.

State and federal law enforcement agencies are involved in the investigation, and county officials have cited that process in limiting details released about the cyberattack that took took down many county systems the weekend of Jan. 27.

All county offices have reopened but many continue to use work-arounds to compensate for computer systems that are still down. The attack took…

Source…

Cyber-security expert believes it will take months before Fulton Co. recovers from cyberattack

/in


A cyber-security expert says it could take months before Fulton County fully recovers from a ransomware attack.

[DOWNLOAD: Free WSB-TV News app for alerts as news breaks]

It’s been nearly three weeks since the county government’s computer system was hacked, disrupting many services.

Channel 2′s Bryan Mims was in Roswell where county officials are also saying some personal information may have been leaked.

They haven’t said whether it was county employees or residents whose information may have been compromised.

Many services are still down. The East Roswell Library is open, but all the computers are out of service.

RELATED STORIES:

Cybersecurity expert Rajiv Garb says you can protect yourself if you’re concerned your information has been exposed.

Garb says that could take weeks to months and we’re three weeks into this attack.

Chairman Robb Pitts said if any personal information has been compromised, the county will offer services to protect the victims.

The county is providing updates on the breach on its website.

[SIGN UP: WSB-TV Daily Headlines Newsletter]

IN OTHER NEWS:

Source…