The recent hack on New Orleans city hall was a historic one. The incident began in the early hours of 13th December and persisted throughout the day. Now, after a close study of memory dumps from the hack, it has been attributed to the infamous ransomware group Ryuk.

The City Hack

The city’s government services came under attack on December 13th this year. Kim LaGrue, the city’s Chief Information Officer, revealed the hack to the press, saying suspicious activity was found on their systems at 5 AM on 13th December.

After three hours, the suspicion was confirmed when employees started accessing their respective systems. Federal authorities were soon informed for help, and the entire city’s servers were shut down to contain the hack.

Though all electronic systems were shut down, emergency communications such as 911, the fire and police departments, EMS, etc. were unaffected and continued responding to emergencies throughout. At that time, officials said they had not yet received any ransom call or note and did not know who was behind the attack.

Tracing Through Memory Dumps

The incident was first linked to the Ryuk gang based on reports uploaded to VirusTotal. It was further confirmed by the research of Colin Cowie from Red Flare Security.

The city of #neworleans was hit with #RYUK Ransomware! Looks like it encrypted their “Contracts and Revenue” file share: https://t.co/PtfHjcYQA0 pic.twitter.com/cP4EcvgoPu — Colin Cowie (@th3_protoCOL) December 15, 2019