Wisconsin city of Sheboygan says ransom demanded after cyberattack

Avatar

Cybercriminals have demanded a ransom from officials in the city of Sheboygan, Wisconsin this week after launching an attack that caused network issues. 

Since late October, the city of more than 50,000 has been dealing with technology outages. On Sunday the city provided an update, confirming that hackers gained “unauthorized access” to the city’s network.

“We have reported this incident to law enforcement, and while we have received a request for payment of a ransom, we are cooperating fully with law enforcement and incorporating their guidance into our response,” the city said. 

The investigation into the attack is ongoing but the city has been tightlipped about the systems affected by the incident. A local news outlet reported on Tuesday that the mayor’s office said public safety services are responding to emergency situations “with limited interruptions.”

“City of Sheboygan employees with internet access can communicate with each other online as all cloud-based services are up and working,” the city told TMJ4 News. 

The statement on Sunday says the city has been able to secure its network and is actively working with cybersecurity experts to resolve the issues caused by the attack. 

City officials did not respond to requests for comment, but explained in their first statement that they isolated parts of the network to protect others and keep the hackers out. They did not specify the size of the ransom or the name of the group behind the demand.

Sheboygan is about an hour north of Milwaukee. No ransomware gang has taken credit for the attack, but several groups have previously targeted Wisconsin government institutions over the last two years. The Snatch ransomware group attacked the Kenosha Unified School District in 2022 and Rock County systems were impacted by ransomware in 2023. 

Langlade County announced a “catastrophic software failure” following an alleged LockBit ransomware attack last year that damaged the city’s 911 system. 

Several other hospitals, insurance companies and large businesses across the state have dealt with ransomware attacks as well. 

The state’s court system was also brought down by distributed denial-of-service (DDoS) attacks that limited access to crucial court documents.

CybercrimeGovernmentNewsNews Briefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel

Next Post

Bitdefender releases decryptor for ShrinkLocker ransomware

Related Posts

Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar

Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within days? It’s a chilling reality, becoming more common and concerning by the day. These attackers exploit vulnerabilities in SaaS and cloud environments, using compromised identities to move laterally within networks, causing widespread damage. Cybersecurity and IT
Avatar
Read More

Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack

Cisco on Wednesday said it has released updates to address an actively exploited security flaw in its Adaptive Security Appliance (ASA) that could lead to a denial-of-service (DoS) condition. The vulnerability, tracked as CVE-2024-20481 (CVSS score: 5.8), affects the Remote Access VPN (RAVPN) service of Cisco ASA and Cisco Firepower Threat Defense (FTD) Software. Arising due to resource
Avatar
Read More