[ad_1]
MARTIN COUNTY — A noted cybersecurity expert says it’s “reasonably likely” that BlackByte ransomware attackers are responsible for the ongoing shutdown of the Martin County Tax Collector’s Office.
A message posted on the dark web by the hackers could be another piece of evidence pointing to their responsibility for the “security incident” that has shut down most services at the office for more than two weeks.
Unclear cause:Did BlackByte ransomware attack the Tax Collector’s Office? Maybe not, but no one’s sure
Expert weighs in:Ransomware attack on Martin County Tax Collector’s Office could inflict data damage
The message tells the Tax Collector’s Office that BlackByte has “decided to provide you a free decryption so you can work further … We are asking your IT team to write us. To our mail. So we can help you get your system back to work again.”
Brett Callow, threat analyst at global cybersecurity firm Emsisoft, which earlier this year helped solve the Colonial Pipeline Co. ransomware attack, told TCPalm he discovered the message on the group’s website while doing general intel gathering.
It appears to have been posted in the last 24 hours, Callow said Monday.
The dark web has online content that is only accessible by certain software or authorizations and is typically associated with illegal activity, according to digital security company Norton.
The message — together with public records showing BlackByte initially was identified as the culprit behind the shutdown of the Tax Collector’s Office, Callow said, strengthens the possibility it is responsible.
“It would seem reasonably likely that they were indeed responsible,” he said.
Tax Collector Ruth Pietruszewski declined to comment Monday on the BlackByte message, citing the ongoing investigation.
The cybercriminals may be offering free decryption, or code to return the tax collector’s data, because they’re getting “cold feet,” Callow said.
The hackers could have backtracked from attacking a government operation at a time when federal law enforcement is intensifying efforts against ransomware, he added.
If, in fact, the hackers offer the Tax Collector’s Office access to its data again, the process could be time consuming and, in the end, the code could be corrupt, inflicting even further damage, Callow said.
“We’re not exactly sure who the operators are or where they’re based,” he said. “They haven’t said what they’ll do in relation to any data they (may) have stolen in this incident.”
Meanwhile, the tax collector’s main office in Stuart reopened Monday for payment of property-tax bills but still was unable to process transactions for the Florida Department of Highway Safety and Motor Vehicles.
Pietruszewski said she had planned to reopen all operations Monday afternoon, but a statewide software shutdown of motor-vehicle services prolonged the office from getting online. She hopes it will be fixed Tuesday, she said.
A sign on the door of the Stuart office Monday still referred Martin County residents to the St. Lucie County Tax Collector’s Office for vehicle services despite the neighbor’s Friday announcement that it would no longer accommodate Martin County residents.
Stuart resident Gene Botelho drove to a St. Lucie tax collector location Monday morning after reading the sign, he said. He waited 30 minutes before being turned away in an effort to register a new license plate for his car.
“This is awful. This is terrible,” he said of the lack of communication by the Martin County office.
As of Monday, the kiosk for registration renewal decals at Publix on Southwest Martin Downs Boulevard in Palm City was working again, Pietruszewski said.
Additionally, concealed-weapon services were available at the tax collector’s Stuart and Hobe Sound locations, and Transportation Security Agency services were available at the Palm City location.
Lina Ruiz is TCPalm’s watchdog reporter for Martin County. You can reach her at lina.ruiz@tcpalm.com, on Twitter @Lina_Ruiz48 or at 321-501-3845.
[ad_2]
Source link
