Cyber Attack on Robeson County Sheriff's Office

Incident Date:

April 12, 2024

World map

Overview

Title

Cyber Attack on Robeson County Sheriff's Office

Victim

Robeson County Sheriff's Office

Attacker

Ransomhub

Location

Lumberton, USA

North Carolina, USA

First Reported

April 12, 2024

Ransomware Attack on Robeson County Sheriff's Office

Victim Profile

Headquartered in the Robeson County Administration Center in Lumberton, the Robeson County Sheriff's Office plays a crucial role in maintaining law and order, providing emergency services, and promoting public safety. Serving the residents of Robeson County, it is also a member of the Lumber River Council of Governments, a regional planning board representing five counties. Additionally, the county has its own Soil and Water Conservation District led by an elected supervisor.

Ransomware Group Profile

Emerging in the cyber threat landscape, RansomHub is a new ransomware group operating as a Ransomware-as-a-Service (RaaS) entity. Affiliates of this group receive 90% of the ransom money. Targeting various countries, including the US, Brazil, Indonesia, and Vietnam, RansomHub employs ransomware strains written in Golang, a relatively new trend in the ransomware world.

Attack Details

Claiming responsibility for the attack via their dark web leak site, RansomHub has targeted the Robeson County Sheriff's Office which operates in the Government sector. The ransom note issued alongside the attack alleged the theft of 1.1 TB of data, including extremely sensitive data "sensational" files, posing a significant threat.

Victim Vulnerabilities

Being a government entity, the Robeson County Sheriff's Office may possess sensitive information and data valuable to threat actors. Its pivotal role in maintaining law and order makes it a prime target for ransomware attacks, as disruptions to its operations could have severe consequences for public safety in the county.

Sources:

RansomHub Dark Web Profile

AI Ransomware Adapt: Stay Protected

Threat Spotlight: Caught in the Wild - Millions of Phishing Attempts Each Month Try to Hook Your Users

VenariX Twitter

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.