Officials at California's San Bernardino County have confirmed that the city has paid $1.1 million to attackers behind the compromise of its Sheriff's Department, which has led to the encryption of various files and the disruption of its systems, reports KABC-TV.
Because of insurance coverage, the city has paid only a portion of that amount, more than $511,000, with the payment agreed upon by the county and its insurer after negotiations with the attackers.
"The decision whether to render payment was the subject of careful consideration," said county officials.
Meanwhile, the investigation into the incident continues, but officials believe that attackers may have used phishing links to obtain initial access, a technique that Tanium's Vivek Bhandari has noted to be increasingly prevalent.
"The cost is pretty brutal, not just to financial but in the case of law enforcement it's the agency, the people they are serving," said Bhandari, who added that ransom payments would only prompt increased targeting from other threat actors.