The city of Augusta, Georgia, has reportedly become the latest victim of a ransomware attack by the Russian-linked hacking group BlackByte.
BlackByte claimed responsibility for the attack on their dark net leak page, threatening to release a trove of stolen files and demanding a staggering$50 million ransom to restore the city's systems. 'We have a lot of sensitive data. Many people would like to see as well as the media. You were given time to contact us, but it seems like you are sleepy,' the hacking group threatened.
Despite the evidence of leaked documents circulating online, including sensitive data such as capital budget requests, job application questionnaires, payments and the names and contact details of business owners in Augusta, Augusta's Mayor, Garnett Johnson, has denied the claims of a ransomware attack. Meanwhile, an FBI spokesperson confirmed that the FBI is engaged with the City of Augusta and investigating the incident.
In an effort to address the contradictions, the Mayor put out an official statement on Twitter, noting that 'Augusta's Information Technology Department continues to work diligently to investigate the incident, to confirm its impact on our systems, and to restore full functionality to our systems as soon as possible.'
As the investigation unfolds, Augusta's mayor and the Augusta Commission are expected to address the outage in a special news conference.
BlackByte, a suspected splinter group of the notorious Conti ransomware operation based in St Petersburg, Russia, has been a dominant force in the threat landscape. Their previous high-profile target was the San Francisco 49ers of the National Football League.
Augusta is not the first city in Georgia to fall victim to ransomware; Atlanta suffered a devastating attack in 2018, highlighting the vulnerability of weak IT infrastructure in many cities. Most recently, Dallas, Texas, faced its second ransom attack within six months, orchestrated by the Royal gang. The attack crippled Dallas Police and Fire Rescue departments for nearly a week, and the city is still grappling with recovery efforts.
Ransomware attacks on major US cities have been on the rise, with smaller governments lacking the necessary funds to bolster their security infrastructure effectively.