The Play ransomware group has continued its operations targeting several US cities and disrupting crucial systems. In the latest turn of events, the ransomware group added the City of Lowell, Massachusetts, and the City of Dallas, Texas, as its latest victims.
Both cities were attacked after the cybercriminals managed to infiltrate computer systems, holding sensitive data hostage.
In the case of the City of Lowell case, the PLAY ransomware group has claimed responsibility for the attack, stating that they have gained access to passports, IDs, finance, payroll, department documents, budget, and other confidential information.
The attack was discovered on May 3, and the amount of data that has been affected is yet to be determined.
Play ransomware attacks US cities: What we know so far!
Commenting on the situation, officials in Lowell stated that they are working to isolate the ransomware and prevent it from spreading further while also working to remove the malware from infected servers and restore impacted services.
However, the recovery process could take some time, and there is no guarantee that all data will be recovered.
Meanwhile, a large cyberattack in the City of Dallas has disrupted multiple services.
The attack affected many important computer systems, including the computer-assisted dispatch system used by 911 dispatchers.
As a result, dispatchers had to write reports and give them to officers manually rather than submitting them electronically.
The City of Dallas also had to turn off some of its IT systems to prevent the ransomware from spreading.
Officials are now working to isolate the malware and remove it from infected servers while also restoring any services that have been impacted.
In both cases, the attacks highlight the increasing threat of ransomware attacks and the importance of maintaining strong cybersecurity measures.
As the PLAY ransomware group stated in their message to the City of Lowell, many attacks result from organizations neglecting their security measures.
Play ransomware attacks US cities: The response
“Most likely what happened was that you decided to save some money on your security,” read the message from the hacker collective.
“Alas, as a result, your critical data was not only encrypted but also copied from there. From there it can be published online.”
“Then anyone on the internet from darknet can even see your internal documentation: personal,” the hackers further stated in the note.
Now looking at the current situation where Play ransomware attacks US cities and is basically creating havoc, it is more than important for organizations to take the necessary steps to protect themselves from cyberattacks.
These include regularly updating software, maintaining strong passwords, and implementing multi-factor authentication.
As these recent attacks have shown, the cost of neglecting cybersecurity can be significant in terms of financial losses and damage to reputation.