Martin County Tax Collector “Likely” Hacked by Ransomware, Expert Says
MARTIN COUNTY – A leading cybersecurity expert said it was “reasonably likely” that the BlackByte ransomware attackers were responsible for the ongoing shutdown of the Martin County tax collector’s office.
A message posted on the dark web by the hackers could be another piece of evidence pointing to their responsibility in the “security incident” that shut down most of the office’s services for more than two weeks.
The expert intervenes:Ransomware attack on Martin County tax collector’s office could damage data
The message tells the tax collector’s office that BlackByte has “decided to provide you with free decryption so you can keep working … We ask your IT team to write to us.” To our mail. So we can help you get your system back up and running.
Brett Callow, a threat analyst at global cybersecurity firm Emsisoft, which earlier this year helped resolve the Colonial Pipeline Co. ransomware attack, told TCPalm he discovered the message on the website. of the group when collecting general information.
It appears to have been released within the past 24 hours, Callow said on Monday.
The dark web has online content that is only accessible by certain software or permissions and is generally associated with illegal activity, according to the digital security company. Norton.
The message – along with public records showing BlackByte was initially identified as the culprit in shutting down the tax collector’s office, Callow said, reinforces the possibility that he was responsible.
“It would seem reasonably likely that they were indeed responsible,” he said.
Tax collector Ruth Pietruszewski declined to comment on BlackByte’s post on Monday, citing the ongoing investigation.
Cybercriminals may be offering free decryption or a code to resend the collector’s data because they have “cold feet,” Callow said.
Hackers could have turned back the clock after attacking a government operation at a time when federal law enforcement is ramping up their efforts against ransomware, he added.
If, in fact, the hackers again give the tax collector’s office access to its data, the process could take a long time and, ultimately, the code could be corrupted, inflicting even more damage, a said Callow.
“We don’t know exactly who the operators are or where they are based,” he said. “They didn’t say what they would do with the data they (may) have stolen in this incident.”
Meanwhile, the collector’s main office in Stuart reopened Monday for paying property tax bills, but still couldn’t process transactions for the Florida Department of Highway Safety and Motor Vehicles.
Pietruszewski said she plans to reopen all operations on Monday afternoon, but a statewide software shutdown of auto services has extended the office’s going live. She hopes this will be fixed on Tuesday, she said.
A sign on the door of Stuart’s office on Monday still referred residents of Martin County to the St. Lucie County Tax Collector’s office for vehicle services despite the neighbor’s announcement on Friday that he would no longer welcome residents of the Martinique. Martin County.
Stuart resident Gene Botelho visited a tax collector in Saint Lucia on Monday morning after reading the sign, he said. He waited 30 minutes before being turned away in order to register a new license plate for his car.
” It’s horrible. It’s terrible, ”he said of the Martin County office’s lack of communication.
On Monday, the Publix registration renewal sticker kiosk on Southwest Martin Downs Boulevard in Palm City was back up and running, Pietruszewski said.
In addition, concealed weapon services were available at the Tax Collector’s locations in Stuart and Hobe Sound, and Transportation Safety Agency services were available at the Palm City location.
Lina Ruiz is TCPalm’s surveillance reporter for Martin County. You can reach her at [email protected], on Twitter @ Lina_Ruiz48 or at 321-501-3845.