The Port Lavaca City Hall’s server was hit by Ryuk ransomware that apparently entered through the email system.
The attack incurred a bill amounting to nearly US$50,000 to the City.
The ransomware took down the local government’s server, and the city’s billing, and auto-pay systems, and disrupted other regular operations.
Staff collected cash, checks, and credit card payments at City Hall.
Hackers demanded a US$200,000 ransom to decrypt the data.
Source: https://cisomag.com/ryuk-ransomware-campaign-targets-port-lavaca-city-hall/
TPRM report: https://scoringcyber.rankiteo.com/company/city-of-port-lavaca
"id": "cit1512301222",
"linkid": "city-of-port-lavaca",
"type": "Ransomware",
"date": "02/2020",
"severity": "85",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Public Administration',
'location': 'Port Lavaca',
'name': 'Port Lavaca City Hall',
'type': 'Local Government'}],
'attack_vector': 'Email System',
'description': 'The Port Lavaca City Hall’s server was hit by Ryuk ransomware '
'that apparently entered through the email system. The attack '
'incurred a bill amounting to nearly US$50,000 to the City. '
'The ransomware took down the local government’s server, and '
'the city’s billing, and auto-pay systems, and disrupted other '
'regular operations. Staff collected cash, checks, and credit '
'card payments at City Hall. Hackers demanded a US$200,000 '
'ransom to decrypt the data.',
'impact': {'financial_loss': 'US$50,000',
'operational_impact': 'Disruption of regular operations',
'systems_affected': ['Local Government’s Server',
'City’s Billing System',
'City’s Auto-Pay System']},
'initial_access_broker': {'entry_point': 'Email System'},
'motivation': 'Financial Gain',
'ransomware': {'ransom_demanded': 'US$200,000', 'ransomware_strain': 'Ryuk'},
'title': 'Ryuk Ransomware Attack on Port Lavaca City Hall',
'type': 'Ransomware'}