An Entire Canadian Town Is Being Extorted By Ransomware Cyber Criminals

Ransomware attacks have been on the rise. This time around, the small Ontario, Canada town of St. Marys has been targeted. The ransomware organization behind the attack seems to be LockBit. So far though, no ransom has been paid. The town itself claims that most city functions are still operational and staff are still working and getting paid.

Upon visiting the official web site of the town visitors are greeted with a large red box containing the following quote.

"The Town of St. Marys is currently investigating a cyber security incident that locked our internal server and encrypted our data. We are working closely with cyber security experts to investigate the source of the incident, restore our back up data, and assess impacts on our information, if any."
"We have a skilled and knowledgeable team of Town staff, cyber security experts and legal counsel working around the clock to resolve any issues related to this incident. I have full confidence in our team and want to assure the public that protecting their privacy is our top priority." says the Mayor, Al Strathdee, in a press release that visitors are greeted with after closing the big red notice.

Also according to the press release, the Town of St. Marys, despite its ransomware situation, has stated that all major city functions are still operating as normal, this includes transit and water treatment.

This is only the latest in a long line of organizations and municipalities that have been plagued by ransomware recently. According to a report in March of this year, IC3, the Internet Task Force branch of the FBI released a report that municipalities are being more frequently targeted and it is causing significant strain on resources. That same report also publishes some best practices to help try to prevent these types of security breaches and ransomware attacks. It may be a good idea for organizations and municipalities to read up, whether they're in the US or not.

‼️ NOTICE ‼️ We are investigating a cyber security incident that locked our internal server & encrypted our data. We are working with experts to investigate the source, restore our back up data and assess the impacts on our information, if any. More: https://t.co/cdaQdwX8Au pic.twitter.com/IUcetvph2l — St. Marys, Ontario (@townofstmarys) July 22, 2022

LockBit itself has been showing up more and more in the news as of late. We recently pointed out that they've released a tool to see if your data has been stolen. They also hit the news when they managed to target a Foxconn Factory, disrupting its operations.

According to the LockBit dark web site, it looks as though they are expecting a ransom payment, or else the town's data will be leaked, which may include data on the town's citizens. Hopefully the town is able to resolve the issue without too much fallout. St. Marys is a town of only 7,500 people, we can only hope their personal information remains safe. Citizens are encouraged to keep on eye on the Town of St. Marys Web Site, their Facebook Page, and its Twitter feed for more information and updates.