A new report by cybersecurity firm Symantec has revealed that the hacking group behind the expensive cyberattack that shut down several of the city of Atlanta’s computer systems is targeting other US-based organizations.
They include up to 67 new targets, including one involved in the administrative work behind the upcoming midterm elections, Symantec revealed.
An excerpt from the Symantec report read:
Of the 67 organizations targeted during 2018, 56 were located in the United States. A small number of attacks were logged in Portugal, France, Australia, Ireland and Israel.
The “highly active” group behind the ransomware are targeting multiple sectors including the most common target of them all – healthcare, accounting for 24 percent of all attacks this year.
“Why healthcare was a particular focus remains unknown,” researchers wrote in the report. “The attackers may believe that healthcare organizations are easier to infect. Or they may believe that these organizations are more likely to pay the ransom.”
The cyberattack against the city of Atlanta, where the SamSam ransomware malware infected and encrypted a number of municipal computers, is estimated to have cost losses of roughly $10 million alone. The hacking group has also been linked to the attack on the Department of Transportation in the state of Colorado.
The organization which is set to play a role in administrating elections – yet to be identified – could lead to significant disruption of the upcoming midterm elections on November 6 in the event of a successful attack.
It is, however, unlikely that the notorious group targeted the local government administration to tamper with the elections.
Image credit: LIFARS archive.