From darkreading.com
Officials are investigating an April 13 ransomware attack that targeted Stuart’s city servers and forced it offline.
A ransomware attack targeting the city of Stuart, Fla., is believed to have started with a phishing email, officials say. The incident struck on April 13 and affected city servers and computers.
An investigation revealed it was the Ryuk strain of ransomware that targeted city machines and forced them offline. City manager David Dyess did not disclose the Bitcoin ransom demanded; he did report investigators are analyzing an infected machine to determine how the virus got in. Ryuk is the same ransomware seen in attacks against Jackson County, Ga., and Albany, N.Y.
So far, he says, it seems a brute-force attack is not to blame. Given the infected machine is a desktop computer with no external connectivity, officials think a phishing email could have been the attack vector. So far, Stuart has restored servers for functions including payroll, utilities, and budgeting; however, city employees still don’t have access to their email accounts.
As of the latest update, Stuart’s police and fire departments are still offline. Dyess expects service should be restored within the next week and a half, TCPalm reports.