Ransomware disrupted important U.S.-based utilities and services organizations in January, including a municipal water treatment organization, which is a sector that's become a growing target for attackers.
The persistent ransomware threat continued last month following what many cybersecurity vendors and threat reports called a record year for ransomware in 2023.
Throughout January, ransomware impeded operations for victims in the government and critical infrastructure sectors, including water and wastewater treatment services.
An investigation into the attack remains ongoing, and the incident forced Veolia to reexamine its cybersecurity posture.
There were more public sector utilities and services disrupted last month.
A ransomware attack on Jan. 21 against Bucks County in Pennsylvania temporarily disrupted the county's emergency communications database.
The Akira ransomware group claimed responsibility for the attack, which rendered Bucks County's computer-aided dispatch system inoperable for nine days.
Law enforcement agencies, the fire department and ambulance services use the tool to record incident data, but the attack forced them to revert to pen and paper.
Around 650,000 residents live in Bucks County and were able to make 911 calls despite the attack, but fallout was still substantial.
The Medusa ransomware group, which was highly active throughout 2023, claimed responsibility for an attack against the Kansas City Area Transportation Authority that occurred on Jan. 23.
KCATA disclosed the attack on Jan. 24 and confirmed that it disrupted the regional RideKC call centers and landline service.
KCATA engaged the FBI and security professionals following the ransomware attack.
A Water for People spokesperson told cybersecurity news outlet The Record that the affected data predated 2021, and more importantly, the attack did not disrupt business operations.
One particularly damaging attack occurred against Clackamas Community College in Oregon, which has an enrollment of more than 18,000 students.
The Clackamas Print reported that authorities traced the attack to a Russian IP address.
The attack also coincided with the last day to drop winter classes, so that deadline was delayed.
In response to the attack, students were asked to reset their passwords.
The infamous LockBit ransomware group claimed responsibility for the attack on its public data leak site.
One of the biggest attacks in January hit an enterprise in the financial sector.
LoanDepot also said it was still working to restore all services and that the attack affected a significant number of customers.
This Cyber News was published on www.techtarget.com. Publication date: Thu, 15 Feb 2024 19:13:16 +0000