Ontario town of St. Marys targeted by ransomware group

Prolific ransomware group LockBit attacked St. Marys, locking staff out of internal systems and encrypting data

A small Ontario town was a victim of a recent ransomware attack perpetrated by the notorious LockBit group.

The town of St. Marys has around 7,500 residents and is located north of London, Ontario. The town says it’s investigating after a ransomware attack locked staff out of internal systems and encrypted the data. According to The Verge, LockBit added a post to its site on the dark web listing ‘townofstmarys.com’ as a victim and offering a preview of files it had stolen.

In a press release, St. Marys’ corporate communications manager Brett O’Reilly wrote that critical municipal services, including “fire, police, transit, and water/wastewater systems,” were operating as usual and weren’t affected by the attack.

Moreover, the town is now working with cyber incident response exports to investigate the incident, restore backed-up data and assess impacts on its information, if there are any. Plus, the experts will assist staff in trying to unlock and decrypt the town’s systems.

The town has received a ransom demand from LockBit, but has not paid anything to date.

Warning about the ransomware attack from the St. Marys website.

The Verge notes that LockBit has so far followed its typical operating procedure, which included giving the town a deadline to pay in order to unlock their systems or else see the data published online.

Recorded Future reports that LockBit took credit for 50 ransomware incidents in June 2022, making it one of the most prolific global ransomware groups. Additionally, St. Marys is the second small town targeted by the group. Earlier in July, LockBit attacked the town of Frederick, Colorado.

According to The Verge, small municipalities have increasingly become targets of ransomware groups.

Header image credit: Shutterstock

Source: St. Marys Via: The Verge