Pittsboro, NC (WorkersCompensation.com) – The FBI issued a warning late last year regarding a type of ransomware by the name of DoppelPaymer, which was known to attack critical industries as early as 2019. It would appear that DoppelPaymer campaign of attacks is far from over as just this week Chatham County government was compromised and the stolen information posted online, according to a report from Chatham News + Record.
The previous ransomware attacks included healthcare, emergency services, and education, locking information and demanding a six to seven figure bitcoin ransom. In several cases, the criminals actually called the victims of the data that was stolen in a bid to pressure them for the ransom.
In a German case in September 2020, as a result of a DoppelPaymer attack, personnel at an emergency center were not able to communicate with the hospital. As a result, one patient had to be re-routed to a hospital 20 minutes away, and in the process died although speculation of the patient’s health was such that they may not have survived with immediate care.
Also in September, a DoppelPaymer attack on a 911 call center prevented workers from accessing a dispatch system. Additionally, there were other attacks on other county and city government systems that not only disrupted emergency dispatch, but also police, jail, and payroll systems. The infraction occurred when an employee used Internet Explorer to view a cryptocurrency website, resulting in an infection of Windows 7 and 10, as well as Server 8, 12 and 16 via a Dridex trojan software.
At one point in 2019, the DoppelPaymer attacked and infected 13 out of 380 servers belonging to a healthcare system. As a result of the attack, the criminals demanded 50 bitcoin, equating at the time to $600,000 in ransom.
The recent attack in Chatham County occurred on October 28th with 2 batches of data published on the dark web. While one file did not contain critical information, another file contained sensitive information that has been viewed at least 30,000 times. Although reports have not been confirmed, there is speculation that the criminals have demanded a ransom of $500,000 bitcoin payment.
Chatham County Manager Dan LaMontagne issued a statement that the county was in the process of determining and notifying individuals impacted, and setting up a central call center.