An unnamed US county – perhaps in Ohio – paid $1M extortion demand to cybercriminals

Summary

An unnamed U.S. county, potentially in Ohio, paid a $1 million extortion demand to cybercriminals. Leaked negotiation transcripts reveal details of the incident, indicating a successful ransomware attack.

IFF Assessment

FOE

This is bad news for defenders as it demonstrates that cybercriminals are successfully extorting significant sums from public sector organizations, encouraging further attacks.

Defender Context

This incident highlights the ongoing threat of ransomware to local government entities, which often possess sensitive data and limited cybersecurity resources. Defenders should focus on robust backup strategies, incident response planning, and user awareness training to mitigate such risks.

Read Full Story →