lockbit2 attacks Kansas Highway Patrol General Headquarters
Incident Date:
June 5, 2022
Overview
Title
lockbit2 attacks Kansas Highway Patrol General Headquarters
Victim
Kansas Highway Patrol General Headquarters
Attacker
Lockbit2
Location
First Reported
June 5, 2022
Kansas Highway Patrol Suffers Ransomware Attack
The Kansas Highway Patrol (KHP) has been targeted by the ransomware group Lockbit2, with the attack confirmed through a leak on the group's dark web site. The organization operates in the Government sector and is a state law enforcement agency dedicated to providing service, courtesy, and protection to the citizens of Kansas. It employs a diverse range of personnel, including technical troopers and capital police officers.
The size of the Kansas Highway Patrol is not explicitly stated. However, the attack's impact on the Kansas judicial branch, which includes the state's appellate courts and district courts in 104 counties, suggests that the Kansas Highway Patrol is part of a larger government system affected by the ransomware attack.
The specific vulnerabilities that led to the Kansas Highway Patrol being targeted by Lockbit2 are not detailed. Nonetheless, it is noted that the attack was executed by a ransomware gang based in Russia, indicating that the attackers may have exploited vulnerabilities in the organization's cybersecurity defenses, potentially through social engineering or known software vulnerabilities.
As of now, the Kansas Highway Patrol has not released a statement regarding the ransomware attack. The focus remains on the attack on the Kansas judicial branch, which occurred in October 2023. The recovery process is ongoing, with Kansas Supreme Court Chief Justice Marla Luckert expressing optimism that full functionality of all systems is "on the near horizon".
Sources
- Kansas Highway Patrol, KS | Official Website
- FOX 4 Kansas City WDAF-TV | News, Weather, Sports
- The Record
- Kansas Supreme Court releases statement on October 12 security incident
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.