Photo-illustration (REUTERS/Mal Langsdon).
An Alaskan community had to dust off the typewriter after a major ransomware attacks.
The BBC reports that after the attack encrypted Matanuska-Susitna the e-mail server, internal systems and disaster recovery servers, staff used typewriters. A spokeswoman for the municipality told the BBC that the workers had “resourceful” dusted off the typewriter and writing receipts by hand.
In a report released Monday, the Municipality’s director Eric Wyatt said that there was a Trojan, a form of malware was detected on 17 July. The attack then escalated, the virus with the launch of Crypto ransomware Locker.
The ransomware began encrypting files on servers and workstations. Almost all of the town’s 500 workstations, includes both Windows 10 and Windows 7, and 120 of the 150 servers, were infected.
CITY OF ATLANTA HIT BY RANSOMWARE ATTACKS
In a ransomware attack, hackers typically encode a computer network data to keep, ‘hostage’, provides a digital decryption key to unlock it for a certain price. However, Wyatt said that the cyber attack against Matanuska-Susitna does not bear the characteristics of a classic ransomware attack.
“This encryption is portrayed as a ransomware attacks, but the real goal may be to the traces of the other components,” he wrote.
In a statement released Monday, the Municipality said that most of the data survived the attack.
“Despite the advanced level of the attack, the Municipality’s back-up servers save it to the local government documents are structured in a way that protected the most of the data. Credit cards are not stored online and were never in danger,” wrote.
SCARY RANSOMWARE ATTACKS FAMOUS NORTH CAROLINA COUNTY
On 24 July, the Municipality first disconnected the servers from each other, disconnected from the community itself, the Internet, phones and e-mail. “Since then, the infrastructure is slowly but surely built computers, cleaned, and back, and e-mail, telephone and Internet connection still restored,” he said.
However, Wyatt described the attack as very well organized. “It is not a child in his mom’s basement,” he said in the statement. “Because we are getting the information and sharing with other entities, hopefully they can weather the storm.”
Wyatt said that the city of Valdez, Alaska, and other locations in the U.S. have been hit with a virus that seems similar to the one that attacked Matanuska-Susitna.
At a meeting on Tuesday evening, Matanuska-Susitna Borough Manager John Moosey said the cyber attack a disaster. Moosey told the public that the statement gives the Municipality access to insurance, the emergency part of the budget and the possible FEMA assistance.
HACKER GOALS SACRAMENTO REGIONAL TRANSIT, REMOVES 30 MILLION FILES IN RANSOMWARE ATTACKS
Earlier this year, the City of Atlanta was focused on a ransomware attack that mpacted a number of its systems. A virulent form of ransomware known as SamSam was used against the City.
Last year, a major ransomware attacks forced the shut down of a host of IT systems in Mecklenburg County, North Carolina.
Also in 2017, a hacker targeted Sacramento Regional Transit, the removal of 30 million files in a ransomware attack. Officials worked to restore the data from backup files.
In 2016, a Los Angeles hospital paid a ransom of nearly $17,000 in bitcoins to hackers who infiltrated and disabled its computer network.
SHIPPING GIANT HIT BY A CYBER ATTACK, REFUSES TO PAY HACKERS’ RANSOM
Cybersecurity specialist Sophos released a study Tuesday that sheds a new light on the scale of the ransomware threat. SamSam, it reported, has led to nearly $6 million in ransom revenues since inception (32 months ago.
Sophos Principal Research Scientist Chester Wisniewski told Fox News that SamSam is focused on a wide range of organisations. “This is not just in the health care and the government, we have seen that the attacks against just about anything,” he said. “It was probably opportunistic – if you are truly locked they move on to the next organization, but if they have a door that is ajar, they are more than happy to take you for a ransom.”
“It is more premeditated than the traditional forms of ransomware],” Wisniewski added. “They do their research to know when your company is open and closed when they break they are incapacitating your back-ups.”
The Associated Press contributed to this report.
Follow James Rogers on Twitter @jamesjrogers