The City of Florence located in Alabama State of North America is said to have become a victim of a Ransomware attack on June 5th,2020. And the news is out that the hackers managed to lock down access to servers containing sensitive information of the public and are reportedly demanding a ransom of $300,000 to free up the data.
In general, Florence city of Alabama contains around 40,000 populace and was pre-alerted by the security researchers from KrebsOnSecurity about a possible malware attack in May 2020.
Factually speaking, it was actually a tip-off given by Milwaukee based Cybersecurity firm named Hold Security which was later highlighted by the researchers of KrebsOnSecurity to the mayor of Florence that the city servers operating with Windows 10 OS were about to be exploited by a ransomware gang.
But as almost all the officials related to the City’s administration played a deaf ear to the alert it has now resulted in a serious cyber attack on the servers of the city.
IT authorities managing the servers of the town say that they are left with only one option of paying the ransom as they do not want the details of their citizens to be made public on the web or in the media.
On Friday last week, Mayor Steve Holt confirmed the cyber attack and said that most of the systems related to the city were shut down due to the attack.
Hackers gang which distributes DopplePaymer Ransomware is said to be behind the incident and have strictly announced that the city has the only option to bow down to their demands or face serious consequences,
Note 1- Information is out that the attack was caused due to a phishing attack that took place on Steve Price, the city’s IT Manager whose Microsoft credentials were stolen on May 6th of this year.
Note 2- Although the manager took all measures to neutralize the repercussions of the phishing attack, as they lacked data backups, they are now left with the only option of paying a ransom of $300,000 in bitcoins ( 30 BTC appx).
Note 3- Nowadays, hackers’ gangs spreading ransomware are first seen stealing a portion of data from the server and then encrypting it with the malware. So, in case the victim denies paying a ransom, they can earn some currency by selling the stolen data on the dark web.