Wisconsin city of Sheboygan says ransom demanded after cyberattack

Avatar

Cybercriminals have demanded a ransom from officials in the city of Sheboygan, Wisconsin this week after launching an attack that caused network issues. 

Since late October, the city of more than 50,000 has been dealing with technology outages. On Sunday the city provided an update, confirming that hackers gained “unauthorized access” to the city’s network.

“We have reported this incident to law enforcement, and while we have received a request for payment of a ransom, we are cooperating fully with law enforcement and incorporating their guidance into our response,” the city said. 

The investigation into the attack is ongoing but the city has been tightlipped about the systems affected by the incident. A local news outlet reported on Tuesday that the mayor’s office said public safety services are responding to emergency situations “with limited interruptions.”

“City of Sheboygan employees with internet access can communicate with each other online as all cloud-based services are up and working,” the city told TMJ4 News. 

The statement on Sunday says the city has been able to secure its network and is actively working with cybersecurity experts to resolve the issues caused by the attack. 

City officials did not respond to requests for comment, but explained in their first statement that they isolated parts of the network to protect others and keep the hackers out. They did not specify the size of the ransom or the name of the group behind the demand.

Sheboygan is about an hour north of Milwaukee. No ransomware gang has taken credit for the attack, but several groups have previously targeted Wisconsin government institutions over the last two years. The Snatch ransomware group attacked the Kenosha Unified School District in 2022 and Rock County systems were impacted by ransomware in 2023. 

Langlade County announced a “catastrophic software failure” following an alleged LockBit ransomware attack last year that damaged the city’s 911 system. 

Several other hospitals, insurance companies and large businesses across the state have dealt with ransomware attacks as well. 

The state’s court system was also brought down by distributed denial-of-service (DDoS) attacks that limited access to crucial court documents.

CybercrimeGovernmentNewsNews Briefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel

Next Post

Bitdefender releases decryptor for ShrinkLocker ransomware

Related Posts

Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk

SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances. "The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing [a] remote unauthenticated user to access internal functionality and modify data," the company
Avatar
Read More

Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel

A threat actor affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks that exclusively target Israeli entities. The activity, linked to a group called WIRTE, has also targeted the Palestinian Authority, Jordan, Iraq, Saudi Arabia, and Egypt, Check Point said in an analysis. "The [Israel-Hamas] conflict has not disrupted the WIRTE's
Avatar
Read More