Matanuska-Susitna, a suburban borough in Alaska, has been experiencing a cyber blackout due to ransomware attack. It has been nearly a week since officials detected a cryptovirological code in one of the internal servers of the local government system. Local security experts along with the cyber unit of the FBI have commenced ransomware removal activities. Initial reports suggest that the attack was not the work of some shoddy basement hackers.
The extent of the damage can be estimated by the fact that over 500 computers with Windows OS and 120 servers were affected by the cryptovirological code. Ransomware removal of such an extensive encryption activity also needs a lot of time even if it is supervised by cybersecurity experts.
Even though the borough’s official website remains unaffected, still a huge chunk of backend operations have been altered by the attack. Therefore, officials have to resort to offline means to run routine errands.
The ransomware activity locked the government officials out of official email accounts and phone networks. Meanwhile, they can’t access disaster-recovery protocols and backups. All these obstacles have left many local government offices with no other option except to do things manually. According to the public affair director of the borough, the staff is using pens, papers, and typewriters to render many municipal services.
As per a cyber expert who has worked with several civilian and military IT teams, the attack is a mix of complex malware codes including ransomware and Trojan viruses. The intent of this combination was to prolong the attack. BitPaymer is the ransomware strain used in the attack. Developers of this strain usually ask for anywhere between 20 and 50 Bitcoins for ransomware removal. The initial investigation is also reporting that a phishing maneuver was used to deliver the ransomware payload to the affected computers.
