After the ransom payment on last Monday of nearly $500,000, officials from Lake City, Florida fired an IT employee. The name of the IT employee was not revealed, who was fired on last Friday. The city’s IT manager plans to reconstruct the whole IT department to prevent a similar incident from happening in future.
The IT network of Lake City was infected with the malware on June 10, while the incident was named as ‘triple threat’. The city’s network was infected with TrickBot trojan which later downloaded the Emotet trojan, and that later on downloading another of it’s partner, the ransomware. This whole process happened due to an employee opening a document, received through email.
The malwares spread and infected the entire city’s IT network encrypting their files, and the attackers demanded a ransom for the city to regain access to its systems.
The ransom payment was approved by the city’s officials on last Monday, which was then paid on Tuesday and the IT staff started decrypting all of the files on the very same day.
Earlier it was noticed that phishing campaigns were identified targeting Windows PC. The people were targeted with emails containing ISO file format files, as they are pretty uncommon so passes through the detection phase in most cases.