FOX54 EXCLUSIVE: Expert believes Augusta was struck with ransomware attack, despite denials

After FOX54 broke news of a ransomware attack, we were contacted by Brett Callow, who works as a threat analyst for Emsisoft.
He says their company works to prevent, protect and recover data for businesses and municipalities. We asked him what he knows about the cyber-attack against the city.

“I know that Augusta has been listed on the website of a ransomware operation known as Blackbyte,” said Callow.

When we mentioned that the Mayor’s Office was unaware of a monetary demand, Callow said:
Lauren: “Is this potentially not ransomware?”
Callow: “Well, a known ransomware group has claimed responsibility for the attack so we know there’s been an attack we know that a ransomware group has been responsible for that attack so it’s fair probability that it is ransomware.”

As for the lack of a ransom request, Callow says: “Yeah, the way these attacks work is there is a note left on the affected system that simply contains the address of a website. There is no monetary demands made at that stage. The target will receive the monetary demand if and when they visit that website.
Callow says the amount he’s come across is actually $400,000 to delete the data and possibly get an encryption key. He says it indicated $300,000 for anyone else to purchase it.

As Callow explains, the request for any money wouldn’t come until after the party clicked on a website to retrieve or release data, and there’s no way for FOX54 to confirm, at this time, if the $400,000 amount Mr. Callow says he discovered wasn’t at one time higher.