"BlackCat/ALPHV Ransomware Asks $5 Million to Unlock Austrian State"

The BlackCat ransomware gang, also known as ALPHV, has targeted the Austrian federal state Carinthia, demanding $5 million to unlock encrypted computer systems. The threat actor allegedly locked thousands of workstations during the attack, causing significant operational interruption to government services. Carinthia's website and email service are temporarily down, and the government cannot issue new passports or traffic fines. Furthermore, the cyberattack has hindered the processing of COVID-19 tests and contact tracing through the region's administrative offices. However, according to Gerd Kurath, a spokesperson of the state, the attacker's demands will not be met. According to the representative, there is currently no proof that BlackCat stole any data from the state's systems. The state's current plan is to restore the workstations using available backups. In November 2021, the ALPHV/BlackCat ransomware gang emerged as one of the more advanced ransomware operations. They are a rebranded version of the DarkSide/BlackMatter group that carried out the Colonial Pipeline attack last year. The FBI issued a warning that BlackCat had compromised at least 60 entities globally. The attack on Carinthia and the hefty ransom demands suggest that the threat actor is focusing on organizations that can pay a considerable sum of money to have their systems decrypted and avoid further financial losses due to lengthened operational disruption. This article continues to discuss the BlackCat/ALPHV ransomware attack on Carinthia and the history of this ransomware gang.

Bleeping Computer reports "BlackCat/ALPHV Ransomware Asks $5 Million to Unlock Austrian State"