Onyx Ransomware Attack on Jasper County Sheriff's Office

Victim Profile

The Jasper County Sheriff's Office, a key law enforcement agency in Jasper County, Indiana, has recently fallen victim to a cyberattack. This agency plays a crucial role in maintaining public safety and order, offering resources and services such as severe weather preparedness and emergency notifications on their website.

Ransomware Overview

Onyx, a ransomware strain identified in April 2022, is believed to be a derivative of Chaos ransomware, with similarities to Conti ransomware. It employs a double extortion tactic, threatening to publish stolen and encrypted data unless a ransom is paid, exacerbating the potential damage to its victims.

Attack Impact

Distinctively, Onyx ransomware inflicts harm by overwriting data with random junk, rendering a significant portion of the victim's data irrecoverable. This approach complicates data recovery efforts, even with the payment of a ransom and the provision of a decryption tool.

Vulnerabilities and Mitigation

While the exact method of attack by Onyx remains unspecified, potential vectors include social engineering, phishing, spam emails, or malicious attachments. Organizations are advised to adopt a comprehensive security strategy that includes anti-malware defenses, network monitoring, regular security assessments, employee training, and effective backup and recovery protocols to mitigate the risk of ransomware attacks.

Sources

• Jasper County Sheriff's Office Website: http://jaspercountypolice.com
• ManageEngine: The ransomware strain that exploits even 2MB files: Onyx
• SentinelOne: Onyx - SentinelOne
• Logstail: Onyx Ransomware: What is it and how to Face it
• eSecurityPlanet: Onyx Ransomware Destroys Large Files Instead of Locking Them