Wisconsin county dealing with ransomware attack on public health department

A county in Wisconsin is responding to a ransomware attack that targeted its public health department and forced officials to take some systems offline.

Officials in Rock County, Wisconsin told Recorded Future News that they experienced a cyberattack on September 29 that affected several of their computer systems.

The attack targeted the Rock County Public Health Department – which serves more than 160,000 people across 25 cities, villages and towns in the area. The county is about an hour away from both Madison and Milwaukee.

The Rock County Public Health Department (@DHSWI), a government health care agency in #Wisconsin, #UnitedStates , has reportedly been #hacked by #Cuba #ransomware group... pic.twitter.com/nj52nrVbL5

— BetterCyber (@_bettercyber_) October 3, 2023

“We responded quickly to this incident by taking systems down to prevent further impact and are working with third-party specialists to securely bring our systems back online as quickly as possible,” County Administrator Josh Smith said.

“Since some systems are not yet fully operational, this may temporarily impact certain County operations. However, the public should experience minimal service disruption at this time. We are investigating the full nature and scope of this event, as well as its impact to any data in our systems.”

Smith added that they are working to fully restore the system and will provide updates to local residents as they progress.

The attack was claimed by the Cuba ransomware gang on Tuesday. The gang, which has no relation to the country, did not say how much data was stolen but said the information included financial documents, tax information and more.

Researchers at Google and Ukraine's Computer Emergency Response Team believe that the criminals behind the ransomware may be connected to the Russian state, as they have been seen targeting government systems in Ukraine and Montenegro.

In November 2022, the FBI and other U.S. agencies said the group launched attacks against 100 organizations around the world and brought in $60 million.

Municipalities in Wisconsin have faced a barrage of attacks over the last year. Ransomware hackers shut down a school district serving nearly 20,000 students one year ago and caused a “catastrophic software failure” in Langlade County in July. That attack, by the LockBit ransomware gang, crippled the county’s sheriff’s office and forced 911 calls to be rerouted.

In addition to ransomware, Wisconsin’s state court system was hit with a distributed denial-of-service (DDoS) attack in March that caused issues.