Last January in Georgia, Fulton County Chairman Robb Pitts found himself in a showdown staring at criminals he couldn’t see. The county was under a ransomware attack; the effects were widespread.
“Everything. Things you take for granted. Going to the library to check out a book — couldn’t do it. Getting a marriage license, checking on your taxes — couldn’t do it,” Pitts said, adding that it felt like they were being “held hostage.”
Ransomware criminals are in the extortion business — they hack an organization’s network, lock up the data, and demand a ransom for the keys. Last year, ransomware hackers walked away with a record $1 billion, and according to cybersecurity company Coveware, the number of organizations that pay has fallen from over 80% to only about 30%.
When the ransomware attack hit Fulton County, the stakes couldn’t have been higher. Five months earlier, former President Donald Trump and 18 others had been charged there in connection with allegedly trying to overturn the 2020 election. The hackers claimed to have secret documents from the case and threatened to make them public.
They were asking for “several several several millions of dollars,” Pitts said.
Bryan Vorndran, assistant director of the FBI’s cyber division, says the agency doesn’t “encourage organizations to pay the ransom,” but understands not paying can have “significant ramifications” on the business or organization.
“The FBI typically does not get involved in negotiating with ransomware actors,” Vorndran said.
A major Russian-based ransomware syndicate called LockBit took responsibility for the attack in Fulton County. Four months later, the feds indicted the group’s alleged ringleader, Dmitry Khorshev, who they say went by the name “LockbitSupp” online.
CBS News scoured hacker chat rooms online until “LockbitSupp” finally answered. He seemed concerned about the FBI and said they had the wrong guy. He claimed to be “apolitical” and bragged he is a wolf who “eats the weakest.”
“He is a formidable adversary, right?” Vorndran said. “But we have really good people in the FBI as well, and that’s how we’ve been able to get close to him.”
LockBit ratcheted up its threats in Fulton County for weeks.
“Deadline number one came and passed. Get another call. Deadline number two passed,” Pitts said.
But Pitts followed the FBI’s advice and refused to pay the ransom.
“It’s taxpayers’ money, and we certainly weren’t gonna play footloose and fancy-free with our taxpayers’ money,” Pitts said.
The hackers faded away and Fulton County pieced its network back together, but Pitts knows it was a risky move.
“These are not high school kids in their basement playing on a laptop. That’s not the case. This is big, big business,” Pitts said.
When asked if it could happen to Fulton County again, he said it absolutely could.
It was a roll of the dice that paid off — for now.
The post A notorious ransomware group demanded millions from Fulton County. The official in charge refused to pay. appeared first on World Online.
