Ransomware redefining crime

The romance of ransomware attacks with local self-governing bodies is not new. When WannaCry had been declared dead and gone for long, it resurfaced in quite a few municipalities in the US in 2019 and some of them ended up paying ransom. Now, the similar story seems to be getting re-enacted, this time its Canada.

With the recent attack on 22ndJuly, a post on LockBit’s dark web site listed townofstmarys.com as a victim of the ransomware and previewed files that had been stolen and encrypted. All it seems that, RANSOMWARE IS REDEFINING CRIME.

The Canadian town of St. Marys, Ontario, has been hit by a ransomware attack that has locked staff out of internal systems and encrypted data. The small town of around 7,500 residents seems to be the latest target of the notorious LockBit ransomware group. The notorious ransomware gang locked the internal servers and encrypted the data of St. Marys, a town in southwestern Ontario.

Cyber attackers who launch these malwares demand a ransom from the victims in order to not compromise their data. The town’s Mayor Al Strathdee said. “We have a skilled and knowledgeable team of Town staff, cyber security experts and legal counsel working around the clock to resolve any issues related to this incident,”

The threat becomes significant as not only individuals but private or government organizations, businesses or even entire towns and cities can get under attack and lose control over their data.

Critical municipal services such as fire, police, transit, and water/wastewater systems were unaffected by the incident and are operating as usual. The visitors of St Mary’s website are greeted with a message saying the town is investigating a cyber security incident that locked an internal server and encrypted the data. The LockBit cartel gave the town a deadline to pay the ransom or have their data published online.

According to reports, no ransom has been paid as of yet and the town asserts that the majority of city operations are still in place, and that staff members are still employed and receiving pay.

Their website reports investigating the source of the incident, restoring the backup data and also assessing the impact on the information. They are confident that they would come out successfully based on the nature of the team available with them to crack the case and restore operational normalcy. Their internal server was locked and data was encrypted. They claim that the city functions are running normally despite the attack.