The LockBit ransomware group has leaked data stolen from the Washington County Sheriff’s Office in Florida, including warrants and employee information.
The cyber attack, which took down the department’s finance system and jail networks, occurred in February, with the ransomware group taking credit for the attack on 27 February and threatening to leak the data by 20 March. Although a spokesperson for the sheriff’s office confirmed the ransomware attack, the department did not disclose whether a ransom had been paid.
However, Florida law prohibits government organisations from paying ransoms in such cases.
The Washington County Sheriff’s Office believes the attack originated in Russia, although it is not certain. Following the attack, the department’s app was offline from 21 February until early March, and it hired a private IT company to assist with the recovery effort.
Despite the attack, Sheriff Kevin Crews said that the department’s communication lines did not go down, and they were able to continue serving the community.
LockBit has been the most active ransomware group in recent times, accounting for over half of all ransomware attacks tracked by experts at NCC Group in February. The group was linked to 129 ransomware attacks in February, a 150% increase compared to January.
In recent times, law enforcement agencies have become targets of ransomware groups. Modesto and Oakland police departments in California were attacked, while the US Marshal Service also experienced a similar incident.
According to cybersecurity experts, LockBit is expected to continue its activities in 2023, leading the way as the most prominent threat actor. It is crucial for organisations to have robust cybersecurity measures in place to prevent ransomware attacks and protect sensitive information.