Officials at George County, Mississippi, have noted ongoing recovery efforts from a ransomware attack over the weekend that disrupted almost all of its government in-office computers, according to The Record, a news site by cybersecurity firm Recorded Future.
George County had its network compromised after a link in a phishing email masquerading as a system update notification was opened by a county employee, while a succeeding brute force attack facilitated the encryption of the county's entire system, said George County Communications Director Ken Flanagan.
"It was a highly coordinated attack and it also appears that after they encrypted all three servers, they went through each department looking at each individual computer to see what was the best data in there," Flanagan added.
Such an attack has prompted the approval of emergency cybersecurity service spending and the county has since restored one of its three servers and one of its major office systems by the afternoon of July 19.
While ransomware attacks against local governments across the U.S. during the first quarter have declined over the same period last year, threat actors have ramped up intrusions, with attacks in the second quarter higher than during the same period last year, noted Recorded Future ransomware analyst Allan Liska.
Organizations in the government, real estate, telecommunications, retail, and other sectors across the U.S., Africa, and the Middle East have been subjected to intrusions under the new CL-STA-0002 threat cluster.
Ransomware attack lessons, from MOVEit and Doubledrive to MGM/Caesars
Cyber Resilience in the Ransomware and Wiper Era New Strategies for CISOs to Protect
The changing face of ransomware, and how to respond
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news