Not even the smallest of communities are safe from cyber risk, as the town of St. Marys, ON has proven by becoming the latest victim of a ransomware attack perpetrated by one of the biggest malware groups active today.
On July 22, a post on the dark web site of the infamous LockBit ransomware group listed the town’s website, townofstmarys.com, as the latest victim of the group’s malware. To show proof of the attack, the group also previewed files that were stolen and encrypted from the town’s systems.
The Verge reached out to St. Mary's mayor Al Strathdee, who confirmed that the town is responding to the malware attack with the help of experts.
“To be honest, we’re in somewhat of a state of shock,” the mayor said. “It’s not a good feeling to be targeted, but the experts we’ve hired have identified what the threat is and are walking us through how to respond. Police are interested and have dedicated resources to the case . . . there are people here working on it 24/7.”
Strathdee also explained that after the town’s systems were locked, the LockBit gang sent a ransom demand. The mayor also said that generally speaking, the Canadian government’s cybersecurity guidance has discouraged paying ransoms, but St. Marys will follow the incident response team’s advice.
An official statement from town officials on the affected website said that the cyber incident occurred on July 20. The town also gave assurances that critical municipal services such as fire, police, transit, and water/wastewater systems were unaffected by the incident and are operating as usual. Town staff are also resuming their duties and can still be reached by phone, email, or in person.
The LockBit gang claimed responsibility for 50 separate ransomware incidents in June 2022 – making the group one of the most prolific malware groups in operation. The Verge additionally reported that the St. Marys cyberattack was the group’s second small town target, as the gang had unveiled on July 14 that it had stolen data from the town of Frederick, Colorado.
Cybersecurity company Dragos published a report earlier this year, which found that LockBit and Conti – another infamous ransomware gang – were responsible for 51% of all ransomware attacks in 2021. Most of the attacks were directed at manufacturing businesses, due to having the “least mature” security defences among other industries.
