Security

Fresh virus misery for Illinois: Public health agency taken down by... web ransomware. Great timing, scumbags

Not like anyone is looking for medical advice right now


As the world tackles the COVID-19 coronavirus pandemic, ransomware creeps have knocked offline a public health agency's website that served nearly a quarter of a million people in the US.

The Champaign Urbana Public Health District (CHUPD) in Illinois, covering 210,000 folks, including the state's biggest university, said today it has had to set up an alternate website as it deals with a ransomware infection that took down its primary site. "We are working to get our website up and running," the district said in a post to a Facebook page that has now become its preferred outlet.

A spokesperson for the district also confirmed an earlier report from Mother Jones that the outage, which began Tuesday morning, was caused by a ransomware infection rather than a crush of traffic. "CUPHD can confirm that our system was attacked by a ransomware virus [called] Netwalker," El Reg was told.

Also known as MailTo, the Netwalker ransomware emerged earlier this year in targeted attacks.

Maersk prepares to lay off the Maidenhead staffers who rescued it from NotPetya super-pwnage

READ MORE

At the time of writing, the district's alternate website was operational and displaying some basic contact information about the deadly coronavirus outbreak. The organization's Facebook page remains active with advice on how to prevent and report further infection.

The Urbana-Champaign area in particular will be affected by the outbreak as the area is home to the University of Illinois, which brings in students from all over. The school, currently on its Spring Break, said yesterday that when classes resume, they will do so online.

The horrible timing of the ransomware attack – right as people turn to state officials for advice and information on a biological virus outbreak – is likely a coincidence, as ransomware infections have for months been spreading on various local government networks.

Ransomware masterminds in particular have found local governments to be easy prey due low IT staffing and a lack of basic security protections. Places as sparsely populated as Nunavut, Canada and as large as Baltimore, Maryland have had to deal with ransomware hijackings that shut down critical city services. ®

Send us news
27 Comments

Street newspaper appears to have Big Issue with Qilin ransomware gang

The days of cybercriminals having something of a moral compass are over

ChatGPT side-channel attack has easy fix: Token obfuscation

Also: Roblox-themed infostealer on the prowl, telco insider pleads guilty to swapping SIMs, and some crit vulns

Yacht dealer to the stars attacked by Rhysida ransomware gang

MarineMax may be in choppy waters after 'stolen data' given million-dollar price tag

UK council won't say whether two-week 'cyber incident' impacted resident data

Security experts insist ransomware is involved but Leicester zips its lips

LockBit ransomware kingpin gets 4 years behind bars

Canadian-Russian said to have turned to a life of cybercrime during pandemic, now must pay the price – literally

Time to examine the anatomy of the British Library ransomware nightmare

Mistakes years in the making tell a universal story that must not be ignored

Microsoft confirms memory leak in March Windows Server security update

ALSO: Viasat hack wiper malware is back, users are the number one cause of data loss, and critical vulns

It's 2024 and North Korea's Kimsuky gang is exploiting Windows Help files

New infostealer may indicate a shift in tactics – and maybe targets too, beyond Asia

Infosec teams must be allowed to fail, argues Gartner

But failing to recover from incidents is unforgivable because 'adrenalin does not scale'

Stanford University failed to detect ransomware intruders for 4 months

27,000 individuals had data stolen, which for some included names and social security numbers

JetBrains is still mad at Rapid7 for the ransomware attacks on its customers

War of words wages on between vendors divided

Possible China link to Change Healthcare ransomware attack

Alleged crim bought SmartScreen Killer, Cobalt Strike on dark-web markets