onyx attacks Jasper County Sheriff's Office

Incident Date:

April 29, 2022

World map



onyx attacks Jasper County Sheriff's Office


Jasper County Sheriff's Office




De Motte, USA

Indiana, USA

First Reported

April 29, 2022

Onyx Ransomware Attack on Jasper County Sheriff's Office

Victim Profile

The Jasper County Sheriff's Office, a key law enforcement agency in Jasper County, Indiana, has recently fallen victim to a cyberattack. This agency plays a crucial role in maintaining public safety and order, offering resources and services such as severe weather preparedness and emergency notifications on their website.

Ransomware Overview

Onyx, a ransomware strain identified in April 2022, is believed to be a derivative of Chaos ransomware, with similarities to Conti ransomware. It employs a double extortion tactic, threatening to publish stolen and encrypted data unless a ransom is paid, exacerbating the potential damage to its victims.

Attack Impact

Distinctively, Onyx ransomware inflicts harm by overwriting data with random junk, rendering a significant portion of the victim's data irrecoverable. This approach complicates data recovery efforts, even with the payment of a ransom and the provision of a decryption tool.

Vulnerabilities and Mitigation

While the exact method of attack by Onyx remains unspecified, potential vectors include social engineering, phishing, spam emails, or malicious attachments. Organizations are advised to adopt a comprehensive security strategy that includes anti-malware defenses, network monitoring, regular security assessments, employee training, and effective backup and recovery protocols to mitigate the risk of ransomware attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.