Minnesota's Lower Sioux Indian Community had operations of its healthcare facility, government center, and casino taken down by a cyberattack initially disclosed by officials on Friday and later claimed by the RansomHub ransomware-as-a-service operation earlier this week, reports The Record, a news site by cybersecurity firm Recorded Future.
Aside from disrupting tribal phones, emails, and fax machines, such an incident has also impacted all its hotel systems and its casino's digital gaming machines, noted tribe officials. "The Tribe is working with third party experts to address the incident, with the goal of returning to normal operations as quickly and as safely as possible," officials added. Such a disclosure comes more than a month after Michigan's Sault Ste. Marie Tribe of Chippewa Indians, also known as Sault Tribe, was also alleged to be compromised by the RansomHub gang, which has emerged as the most prolific ransomware group following the dismantling of the ALPHV/BlackCat and LockBit operations last year. RansomHub's immediate ascent to the ransomware throne was reported by ESET to have been facilitated by its EDRKillShifter malware that zeroes in on targeted systems' endpoint detection and response software.
