Security News > 2020 > June > Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity
In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware.
It is part of a quad-city metropolitan area perhaps best known for the Muscle Shoals Sound Studio that recorded the dulcet tones of many big-name music acts in the 1960s and 70s. On May 26, acting on a tip from Milwaukee, Wisc.-based cybersecurity firm Hold Security, KrebsOnSecurity contacted the office of Florence's mayor to alert them that a Windows 10 system in their IT environment had been commandeered by a ransomware gang.
In an interview with KrebsOnSecurity Tuesday, Holt acknowledged the city was being extorted by DoppelPaymer, a ransomware gang with a reputation for negotiating some of the highest extortion payments across dozens of known ransomware families.
Steve Price, the Florence IT manager whose Microsoft Windows credentials were stolen on May 6 by a DHL-themed phishing attack and used to further compromise the city's network, explained that following my notification on May 26 the city immediately took a number of preventative measures to stave off a potential ransomware incident.
Hold Security founder Alex Holden said Florence's situation is all too common, and that very often ransomware purveyors are inside a victim's network for weeks or months before launching their malware.