    BlackCat brought New York court into the 20th century

    The cyberattack forced civil servants to switch to pen and paper in their work.

    Suffolk County in New York has completed an investigation into a devastating ransomware attack that forced government employees to switch to pen and paper.

    A September 2022 attack leaked the confidential information of more than 1.5 million Long Island residents. The BlackCat/AlphV ransomware group claimed responsibility for the incident and released 400GB of stolen data, including thousands of Social Security Numbers (SSNs).

    The investigation found that hackers broke into the county court office in December 2021 using the Log4j vulnerability. For 8 months, the cybercriminals remained in the institution's networks, where they installed miners and exfiltration tools, created fake accounts, collected credentials and installed remote monitoring tools.

    By August 2022, hackers managed to gain access to a folder containing passwords to "critical systems that were stored unprotected on the court's network." Then, within 3 hours, the attackers were able to infiltrate the institution's wider IT environment.

    Gaining access to this folder with passwords is one of the main reasons for the attack, as the folder gave hackers access to "database systems, servers, phone systems, backup systems, network devices, file shares, service accounts, critical operating systems, web hosting, anti-virus software, software for monitoring the network and other objects."

    After that, the hackers spent months laying the groundwork for the attack, and on September 1, they extracted massive data sets. On September 8, the cybercriminals deployed ransomware. The attackers first demanded a ransom of $2.5 million and then lowered the price to $500,000. According to court documents, the extortionists never received the ransom.

    Despite such a long period of hackers being on the network, the attack affected only 1.6% of systems in all network domains. However, the consequences were far-reaching:

    • Employees had to shut down email systems for more than 10,000 office workers, forcing many to use pen and paper to provide government services.
    • Emergency dispatchers took calls manually for weeks, and police used the radio to exchange crime information due to network outages.
    • Contractors were paid by paper checks due to concerns that hackers were monitoring the transfer systems.

    The leaked data also contains driver's license numbers that are linked to 470,000 traffic violations, as well as information and contracts from the Suffolk County court, the sheriff's office and other agencies. The county said it would provide "identity protection" services to victims.

    Suffolk County Executive Stephen Bellone said the attack was due to the poor cybersecurity of the office's systems. Bellone said the institution had long been asked to implement county-wide cybersecurity arrangements, but one IT staffer refused to do so. Moreover, the county allocated funds to install a security system that was never implemented.

    The district office is currently working with Cisco and Palo Alto Networks to restore the systems. It is noted that significant parts of the district network have been restored and have been operating for almost 2 months. The county reportedly spent nearly $5.5 million to restore systems and investigate the incident.

    Author DeepWeb