Department of Finance in California Suffer LockBit Ransomware Cyberattack

The LockBit ransomware gang has claimed responsibility for the recent cyberattack on the Department of Finance in California. The incident is already being investigated by the California Cybersecurity Integration Center (Cal-CSIC).

The Ransomware Attack

The attack was confirmed by California's Office of Emergency Services. However, they did not shed much light on the attack, only that the intrusion was proactively identified by coordinating with federal security partners.

The Office of Emergency Services also stated that as soon as the digital security threat was detected, experts were deployed immediately to determine how bad the attack was. The experts would evaluate, contain, and mitigate other potential vulnerabilities to avoid further attacks.

According to Bleeping Computer, the Department of Finance claimed that the state funds weren't affected during the attack. However, several files have been stolen, and the hackers threatened to publish them.

The hacker posted proof of the theft of data on LockBit's leak site, which included databases, confidential data, financial documents, and IT documents. These amounted to 246,000 files stored in 114,00 folders, which is 75.3 GB of data.

LockBit demanded that they get paid before December 24, or the files would be published if they did not get the ransom. There are still no reports as to how much the hacker group is asking for in exchange for the files.

The Group Goes on Without Its Operator

There were rumors that LockBit might end its operations since the leader has been arrested, but recent attacks show that that is not the case. Earlier in November, the hacker group's operator was arrested in Ontario, Canada.

Mikhail Vasiliev was a Russian and Canadian national who had been under investigation by the French National Gendarmerie prior to the arrest. Several agencies helped, like the FBI, Europol's European Cybercrime Center, and the Royal Canadian Mounted police.

As he was arrested, the authorities seized Vasiliev's equipment which were eight computers, 32 external hard drives, and around €400,000 ($424,800) in cryptocurrency, as mentioned in Tech Crunch.

The aggressive search for the operator is due to his involvement in many high-profile cases. According to reports, Vasiliev has attempted to ask for ransom around the amount of €5 to €70 million. LockBit has targeted around 1,000 victims in the US alone, getting successful payments that lead up to tens of millions of dollars.

FBI Deputy Paul Abbate said that the successful arrest demonstrates the agency's ability to apply relentless pressure against adversaries. He added that the agency collaborates with federal and international partners to ensure American public safety against cyber attackers.

Brett Callow, a ransomware expert, said that the group might just rebrand after the arrest of one of its operators and that Vasiliev might give his accomplices up. Regardless, it was still a significant arrest to avoid ransomware attacks.

LockBit has had many well-known victims. These include the automotive company Continental, the security company Entrust, Accenture, the Italian Internal Revenue Service, and the most recent one, the Department of Finance in California.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics