The City of Lake City has confirmed that a “Triple Threat” ransomware attack affected the functionality of several of its computer systems.
According to its Facebook statement, the Floridian municipality became the target of a ransomware program known as “Triple Threat” on 10 June 2019. This malware allegedly combined three different attack vectors to target the City’s systems.
Ultimately, the program succeeded in disrupting Lake City’s ability to provide many of its public services. The ransomware brought down all municipality email systems, for instance. It also rendered most landline phones inoperable.
Even so, the attack failed to affect any Public Safety networks, as Lake City previously isolated and protected those assets using encryption. The ransomware attack therefore did not affect any of the City’s emergency services.
That’s not the only bit of good news. Brian Hawkins, information technology director for the City, revealed another fortunate finding in the City’s statement:
Our systems are shut down, but there is no evidence to indicate any sensitive data has been compromised. All customer service payment data, such as credit card data, is stored off-site by third party vendors and would not have been accessed by an attack like this on our network.
It’s unclear from Lake City’s notice whether the offending ransomware actually went by the name “Triple Threat” or received that nickname from the City’s IT team. A broader search online didn’t readily reveal any previous research surrounding a strain of ransomware that bears this name, either.
While the City’s IT team works with an outside consultant to recover all affected systems using backup systems, most Lake City departments are using emergency cell phones to carry out their duties. The municipality went on to clarify that City Hall remains open and that it will convey any and all critical information through the Lake City Police Department’s Facebook page.
This attack, and others like it, highlight the importance of municipalities everywhere taking steps to prevent a ransomware infection. This resource is a great starting point.