Black Cat ransomware shuts down Austria’s passport and transport departments after encrypting 3,000 computers

Black Cat ransomware group claims to have hacked some computer systems in the state of Carinthia, Austria, demanding a ransom of $5 million in cryptocurrency in exchange for resetting the compromised systems.

Local authorities have already confirmed that they do not plan to negotiate with the hackers or pay any ransom, as there is no evidence that the information was exposed before encryption. Local government IT teams will conduct a recovery process using their backup resources.

The incident had an impact on the systems for government procedures. Gerd Kurath, Carinthia’s press chief, said: “We believe that, of the 3,000 workstations affected, at least half will be available again this Friday. Until then, no new passports can be issued or traffic fines paid.”

In addition to the passport and fine system, the attack had an impact on state email servers and the main local government website, which could be out of service until next week. Another system affected by the infection is the COVID-19 positive case tracking service.

Carinthia authorities have decided not to share further information on the incident, so details like the ransom amount demanded by hackers or the amount of supposedly exposed data are still unknown.

The local police concluded their report by assuring that they will continue to work with the national authorities to determine the causes of the incident and implement the necessary security mechanisms to prevent new incidents in the future.

Since 2021, ransomware has become one of the biggest cybersecurity concerns for countries in Europe, especially for members of the European Union. Just a few days ago, the Killnet ransomware operation launched a series of powerful attacks against public systems in Italy and Germany, attracting the attention of researchers, law enforcement agencies, and even groups like Anonymous.

Feel free to access the International Institute of Cyber Security (IICS) websites to learn more about information security risks, malware variants, vulnerabilities, and information technologies.