Connect with us

Hi, what are you looking for?

Tech & Science

Illinois local government stalls in wake of a cyberattack

Since the Alphv/BlackCat and LockBit takedowns, smaller Ransomware as a Service (RaaS) groups are attempting to recruit displaced affiliates.

Image: — © AFP
Image: — © AFP

Henry Country, Illinois, fell victim to a ransomware attack during March 2024. This was triggered by the activities of the Medusa ransomware group. This group of malicious actors is one of the smaller cybersecurity outfits; nevertheless, diminutive stature in the cyber world still means that damage can be inflicted.

Since the Alphv/BlackCat and LockBit takedowns, smaller Ransomware as a Service (RaaS) groups are attempting to recruit displaced affiliates.

According to The Record, the cyber-incident prompted county officials to seek assistance from law enforcement and government cybersecurity agencies in investigating the incident amid ongoing efforts to restore affected systems.

Looking into the issue for Digital Journal is Nick Tausek, Lead Security Automation Architect at Swimlane.

Tausek begins by presenting the details of the cybersecurity incident: “Henry County, Illinois, became the latest victim of cyberattacks targeting local governments. The ransomware attack, which occurred on March 18, was claimed by the Medusa Ransomware group.”

Tausek next builds up a picture of a succession of cyberattacks on local government infrastructure within the U.S., noting: “This marks the fourth cyberattack on local governments disclosed in March alone. Earlier this week, the city government of Jacksonville Beach, Florida, revealed a January cyberattack claimed by the LockBit ransomware group impacted nearly 49,000 residents. Similarly, the city of Birmingham, Alabama, reported a network outage in early March that is still causing disruptions in government services. A cyberattack that occurred last weekend in Pensacola, Florida, is also causing widespread phone outages across city departments.”

As to the form of attack, ‘ransomware’ springs to mind as Tausek considers: “While it is not confirmed whether all of these attacks involve ransomware, there is a clear trend of threat actors targeting local governments given their trove of sensitive personal data.”

A reason for such municipal vulnerability is under-investment in technology at the local level. Tausek observes: “Local governments’ cybersecurity departments tend to be underfunded and, as a result, ill-equipped to handle the rapidly expanding threat landscape. Between a shortage of available talent at the salaries local governments can afford and the insufficient funds for tooling compared to enterprise and national governments, they remain a strong target for threat actors.”

To address this, radical change is required. As an example, Tausek puts forwards: “These local governments must take the necessary precautions to mitigate these threats. Proactive cybersecurity measures include a strong incidence response plan.”

Furthermore, Tausek recommends: “This plan should include a centralized platform for detection, investigation and response to threats. The use of a security automation platform also allows cybersecurity teams to streamline monitoring and reduce response times, facing these threats with complete visibility.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Life

The opioid epidemic costs the U.S. over $1.5 trillion annually, overloading hospitals, public health systems, and law enforcement.

Tech & Science

The GenAI Collective was launched in San Francisco by a group of AI enthusiasts in February of 2023.

Social Media

Expat "mumfluencers" are taking to TikTok to sing the praises of life in Saudi Arabia and to extol the virtues of its new NEOM...

Tech & Science

Australia joins the list of countries imposing a ban on DeepSeek’s usage. This latest country to sign up to a ban adds.