Original Post from InfoSecurity Magazine
REvil Rocks Jupiter
A malware attack on the Florida town of Jupiter has caused problems that are out of this world.
The Palm Beach County conurbation was struck with REvil ransomware, also known as Sodinokibi, on March 21 in an attack that took down the town’s computer system for three weeks.
Kate Moretto, Jupiter’s public information officer, confirmed that multiple files had been encrypted as a result of the incident.
The threat that came out of cyberspace made it impossible for Town of Jupiter employees to access their email accounts to conduct town business. Residents were left unable to make utility payments using online services, and the town’s online plan-submission system was also knocked offline.
Speaking on April 1, Moretto said the town was still trying to find out how the malware had infiltrated its computer network.
Asked if the town would be paying a ransom to threat actors to retrieve its encrypted files, Moretto said that Jupiter had not engaged with any links and hadn’t viewed any ransom demands. Instead, the town is recovering what data it can from backups, which Moretto described as “quite good.”
“I don’t think there’s anything that’s kept it from being resolved,” Moretto said. “I just think it’s a very careful process to get everything back in place.”
Jupiter’s mayor Todd Wodraska said that the timing of the attack, which befell the town in the midst of the COVID-19 health crisis, was “kind of awful.”
Wodraska said: “It feels like most business types of things have really slowed down or whatever but it’s a terrible time to lose your emails because that’s really the best way of communicating with people given that you’re not supposed to be face-to-face.”
Residents were asked to pay their water bills through the mail or by leaving payments in a drop-off box in the town hall.
Jupiter councilman Ilan Kaufer said that while the town’s computer systems were down, he and other councilors communicated with residents via Facebook.
By April 10, most of the town’s digital services have been restored, and the town website is once again operational.
This was the second such attack on Jupiter, which suffered its first run-in with ransomware in December 2018.
Go to Source