The city of Pensacola, Florida, was hit by a ransomware
attack, and authorities are still trying to determine if the hackers stole data
from the affected systems.
Early reports from Pensacola mentioned that the city
administration fell prey to a cyberattack, but no specifics were released. Now,
the city officials say
that Pensacola was hit by Maze ransomware.
Attackers who use ransomware usually settle for
encrypting the target’s operating systems, then demanding payment to unlock
them. In a few cases, the ransomware attack is used to steal data as well,
either to sell it on the dark web or to persuade the victims to pay up.
The Florida Department of Law Enforcement (FDLE) is the
agency that identified the ransomware as Maze, which was used in an earlier
attack on Allied Universal, a security staffing firm with more than 200,000
employees. Interestingly, no ransomware note was sent, and the victims were
directed to use Tor (decentralized anonymization network) to contact the
attackers.
Affected systems in Pensacola included the public emails
and phone numbers, along with online payments, but emergency safety services
remained unchanged.
The attack in the Allied case used stolen data to
convince the victims they were the real perpetrators. So far, Pensacola city
administration has seen no such proof.
Finally, law enforcement agencies have to consider the
proximity of the cyberattack to the shooting that took place at the Navy Air
Station just 24 hours prior, but a link has yet to found.