PHI 314 Week 6 Case Study

School: Wilmington University
Course: 314
Subject: Philosophy
Date: Dec 6, 2023
Uploaded by CommodoreArtEagle24

Ransomware attack on the city of Augusta, Georgia
Wilmington University
PHI 314 Ethics for Computer Professionals

Augusta, the second largest city in the U.S. state of Georgia, was disrupted by a ransomware cyberattack on May 21st, 2023. This is one of the latest in a string of ransomware cyberattacks against city municipalities in the United States. These breaches can immobilize city operations and lead to the exposure of sensitive personal information of government officials as well as city residents.

The ransomware attack on the city of Augusta exposed 10 GB of the 70 GB of stolen data. The 10 GB that was released shows that the people affected were city officials and the city’s 200,000 residents. The stolen data being held hostage consisted of personal medical reports, emails, health coverage reports, W-2 forms with all of their personal tax information, retiree account statements, Windows login account information, Comcast account information, Wi-Fi and internet access logins, server and host IP information, miscellaneous tax files, and personal account information of the residents, including names, addresses, credit card information, login information with security codes, phone numbers, email addresses, birth dates and health record documents.

The exposure of all this very personal information adversely affects the citizens of Augusta. It could be sold off to other cybercriminals and possibly be used for extortion or blackmail. Some of the stolen information has already been used to sow discontent between the city and its residents. In exposed emails released by the hackers, an Augusta IT systems administrator accepted a position at another company and gave his notice to the City of Augusta. In response, the IT department asked HR to make him a counteroffer to keep him on board. HR’s response was to offer an amount without going to the Commission of the City. The city’s mayor, Garnett Johnson, has not commented on these specific emails.

This attack not only stole sensitive information but also disrupted the city's operations. It immobilized Augusta’s utilities department, leaving the city unable to see customers' account information. The vehicle registration and tag renewal office was also affected, as people had to come in person rather than renew online. The tax offices were affected in the same way. Reports show that 911 system operations were affected, as the dispatch center had no access to electronic records. Even the Augusta animal services department was affected: the website wasn’t listing any of the pets, and the center recommended that residents come to the shelter to identify any lost pets.

The hacker group BlackByte claimed responsibility for this attack on the City of Augusta on May 25th, 2023. BlackByte emerged in July 2021 and essentially rents out its cyberattacks as a service, also known as RaaS (Ransomware-as-a-Service). This hacker group also claimed responsibility for a ransomware attack on the San Francisco 49ers football team in February of 2022. CISA (Cybersecurity and Infrastructure Security Agency) and the FBI issued a joint warning about BlackByte and how it can expose vulnerabilities in Windows servers across critical infrastructure sectors such as government, financial, and food and agriculture (Burt, J., 2022, October 23).

BlackByte demanded a payment of $2 million from the City of Augusta. Mayor Johnson stated that the city had not had communications with the hacker group and was not going to pay it. This statement was released on May 26th, five days after the breach occurred. On June 2nd, the Mayor released another statement reiterating that the city is committed to taking all appropriate steps to notify any identified individuals involved (De Felice M. A., 2023, June 4). This statement was released a full two weeks after the initial breach occurred and it sounds like the city is still trying to identify which of its citizen victims were in
impacted. I wouldn’t consider this full two weeks as being informed in a timely manner, not when it comes to their own residents’ sensitive personal information.

Businesses can take several actions to protect themselves. They can implement strong security measures such as using strong passwords, keeping software and systems up to date, and using firewalls, intrusion detection systems and antivirus software. IT departments should implement network segmentation, so that not all data is accessible from one system. They can also limit access to a need-to-know basis, reducing the number of access points and exposing fewer potential vulnerabilities. Implementing 2FA or MFA is another measure that provides an additional level of security. IT should also audit domains, servers and workstations for unrecognized user accounts. IT will also be responsible for updating and installing patches on software and firmware as soon as they become available. Businesses can invest in educating their employees by requiring cybersecurity training, such as phishing email exercises, so that they look out for cyber dangers. Businesses should also make regular backups of all of their vital data and create a disaster recovery plan to restore the data in the event of an attack.

The government can also aid in the prevention of cybersecurity threats. CISA has a free cybersecurity assessment service available to federal, state, local, tribal and territorial governments. This service also covers private sector businesses that provide critical services to infrastructure organizations (https://www.cisa.gov/topics/cyber-threats-and-advisories/cyber-hygiene-services). In May of 2022, CISA and the FBI created the JRTF to help tackle growing threats in the cyberworld. The government has taken a clear stance, through an advisory release, that discourages all private organizations and citizens from paying extortion demands. When victims give in to demands, the hacker groups obtain more funding, which can be used to target more organizations in the future. The government even warned that if companies give in, they may face civil penalties (C.J. Haughey., 2022, October 11).

The City of Augusta did not pay the ransom that BlackByte demanded, and the hacker group ended up releasing all 70 GB of stolen data. The city is recovering from the attack and is back to operating with workarounds. As stated by J. Bryan Randall of wfxg.com, “Whether by design or coincidence, the Augusta Commission last week approved the purchase of new IT equipment including computers, servers, printers, scanners, switches, routers, VOIP phones and other items. The approximate estimated total cost for items scheduled to be replaced, upgraded or purchased in 2023 is $655,000.” Another source told the local Fox affiliate that an estimated $250,000 is needed to help retain an IT professional agency to get the city’s network up and running again. Augusta is working with the FBI and continuing to investigate.

References:

Mayor denies $50M ransom demand amid city computer outage. (2023, May 25). https://www.wrdw.com. https://www.wrdw.com/2023/05/25/mayor-denies-getting-ransom-demand-fix-computer-outage/

FBI investigates Augusta computer crisis – a possible cyberattack. (2023, May 24). https://www.wrdw.com. https://www.wrdw.com/2023/05/24/city-augusta-cyber-crisis-whats-working-whats-not/

Staff, S. (2023, June 7). Georgia city mayor rejects dealings with BlackByte ransomware. SC Media. https://www.scmagazine.com/brief/ransomware/georgia-city-mayor-rejects-dealings-with-blackbyte-ransomware

Hardcastle, J. L. (2023, May 26). BlackByte ransomware crew lists city of Augusta after cyber “incident.” The Register. https://www.theregister.com/2023/05/26/blackbyte_augusta_malware/

Toulas, B. (2023, May 26). BlackByte ransomware claims City of Augusta cyberattack. BleepingComputer. https://www.bleepingcomputer.com/news/security/blackbyte-ransomware-claims-city-of-augusta-cyberattack/

News team. (2023, May 26). Cyberattacks on City and Municipal Governments - Cyber Defense Magazine. Cyber Defense Magazine. https://www.cyberdefensemagazine.com/cyberattacks-2/

De Felice Aka Amvinfe, M. A. (2023, June 4). Exclusive! City of Augusta, GA: BlackByte will soon release 70GB of exfiltrated data. SuspectFile. https://www.suspectfile.com/exclusive-city-of-augusta-ga-blackbyte-will-soon-release-70gb-of-exfiltrated-data/

De Felice Aka Amvinfe, M. A. (2023, June 4). Update 6.04.2023: BlackByte attacks City of Augusta, GA and demands a ransom of $2 million. SuspectFile. https://www.suspectfile.com/blackbyte-attacks-city-of-augusta-ga-and-demands-a-ransom-of-2-million/

Indicators of Compromise Associated with BlackByte Ransomware. (2022, February 11). CISA and FBI. https://www.ic3.gov/Media/News/2022/220211.pdf

Burt, J. (2022, October 23). Could you not? BlackByte ransomware slinger twists the knife with data stealer. The Register. https://www.theregister.com/2022/10/24/blackbyte_ransomware_exbyte_extortion/

Cyber Hygiene Services | CISA. (n.d.). Cybersecurity and Infrastructure Security Agency CISA. https://www.cisa.gov/topics/cyber-threats-and-advisories/cyber-hygiene-services

Stop Ransomware | CISA. (n.d.). Cybersecurity and Infrastructure Security Agency CISA. https://www.cisa.gov/stopransomware

How the US Government is Fighting Back Against Ransomware. C.J. Haughey. (2022, October 11). Security Intelligence. https://securityintelligence.com/articles/us-gov-fighting-ransomware/

Dukowitz, Z. (2023). How Do You Prevent a Ransomware Attack? Tips to Keep Local Governments Safe. OpenGov. https://opengov.com/article/how-do-you-prevent-a-ransomware-attack-tips-to-keep-local-governments-safe/