Florida Circuit Court Targeted in Attack by ALPHV Ransomware Group

 

The ALPHV ransomware group, also known as BlackCat, has claimed responsibility for a recent attack on state courts in Northwest Florida, which fall under the jurisdiction of the First Judicial Circuit.

The attackers claim to have obtained sensitive information such as Social Security numbers and CVs of employees, including judges. It's a common tactic for ransomware groups to threaten the public release of stolen data as leverage for negotiations.

The presence of the Florida First Judicial Circuit's data leak page on ALPHV's website suggests that the court has either not engaged in talks with the ransomware group or has firmly refused to meet their demands. 

The breach occurred last week, prompting the Florida circuit court to announce an ongoing investigation into the cyberattack, which disrupted operations on October 2nd. The court said in a statement that the incident would have a significant impact on court operations across the Circuit, affecting courts in Escambia, Okaloosa, Santa Rosa, and Walton counties for an extended period.

The Circuit is prioritizing essential court proceedings but has decided to cancel and reschedule other proceedings, along with suspending related operations for several days starting from October 2, 2023.

In the midst of the investigation, judges in the affected counties have been in contact with litigants and attorneys regarding their regularly scheduled hearings. 

Additionally, the court authorities confirmed that all facilities are operating without any disruptions. As of now, the court has not independently verified the ransomware attack claims made by the ALPHV gang.

The ALPHV ransomware operation, originally known as DarkSide, emerged in November 2021 and is believed to be a rebranding of DarkSide/BlackMatter. 

This group gained international notoriety after the Colonial Pipeline breach, drawing the attention of law enforcement agencies worldwide. After a rebranding to BlackMatter in July 2021, their activities abruptly halted in November 2021 when authorities seized their servers and security firm Emsisoft developed a decryptor that exploited a vulnerability in the ransomware.

This ransomware operation is known for consistently targeting global enterprises and continuously refining its tactics.

In a recent incident, an affiliate known as Scattered Spider claimed responsibility for an attack on MGM Resorts, saying it had encrypted over 100 ESXi hypervisors after the company declined ransom negotiations following the shutdown of internal infrastructure.

As reported by BleepingComputer, ALPHV's ransomware attack on MGM Resorts resulted in losses of approximately $100 million, as well as the theft of its customers' personal information. The FBI issued a warning in April, highlighting the group's involvement in successful breaches of over 60 entities worldwide between November 2021 and March 2022.