May 8, 2024 at 12:25PM
The LockBit ransomware gang has targeted Wichita, forcing the shutdown of IT systems for bill payment and public services. With the threat of leaking stolen files unless a ransom is paid, the attack coincides with law enforcement actions against the group. Wichita experiences disruption in various services, with data theft and further leaks a potential concern.
Key Takeaways from Meeting Notes:
1. The City of Wichita, Kansas, has experienced a disruptive cyberattack by the LockBit ransomware gang, forcing the shutdown of various IT systems for online bill payment, public transportation, and other public services.
2. The ransomware gang has demanded payment and threatened to publish stolen files unless their ransom demands are met. This follows the recent naming and sanctioning of the leader of the LockBit ransomware operation, possibly indicating an act of revenge.
3. The cyberattack has resulted in multiple disruptions to essential city services, including suspended auto payments for water bills, limited public Wi-Fi access, restricted usage of library resources, and the need for cash or check payments for public services and facilities.
4. Certain public safety services, such as the Wichita Fire Department, Wichita Police Department, and public transportation, have been affected, with services now resorting to manual “pen and paper” reports and accepting only cash payments.
5. Investigations are ongoing to determine if data was stolen in the attack, with the potential threat of data leakage if the ransom is not paid. This highlights the need for robust cybersecurity measures and preparedness for future cyber threats.