Antwerp City Services Down After Ransomware Attack
Online services at the city of Antwerp, Belgium knocked offline this week after ransomware attack on city’s digital partner
A cyberattack of provider of digital services to Belgium’s largest city, Antwerp, has caused significant disruption this week.
Bleepingcomputer reported that the ransomware attack on the digital partner, resulted in the downing of Antwerp’s city services.
The disruption reportedly impacted services (email, phone systems etc) used by citizens, schools, daycare centres, and the police.
Antwerp attack
According to Bleepingcomputer, an investigation is ongoing, but the little information available points to a ransomware attack from a threat actor that has yet to be disclosed.
Local media reported that the hackers were able to disrupt Antwerp’s services after breaching the servers of Digipolis, the city’s digital partner that provides administrative software.
The report suggested that almost all Windows applications were impacted.
Phone service for some departments was also unavailable. Alexandra d’Archambeau, a councilor member for the district of Wilrijk, said earlier today that the city’s email service was down.
The ransomware attack also reported disrupted Antwerp’s reservation system and identity card, travel card system, as well as residential care services for old age pensioners (as the attack impacted a medication tracking system).
It is unclear when Antwerp’s IT systems will become fully functional by Antwerp’s mayor said that the impact could last until the end of December.
Rackspace attack
The Antwerp attack comes after hosting firm Rackspace confirmed this week that it is investigating after suspicious activity in its Hosted Exchange environment earlier this month.
It then confirmed that the “isolated disruption is the result of ransomware and our security team is working with a lead cyber defense firm to investigate.”
UPDATE: Since becoming aware of suspicious activity in our Hosted Exchange environment on 12/2, we’ve determined that the isolated disruption is the result of ransomware and our security team is working with a lead cyber defense firm to investigate. Status:https://t.co/Uz0k8GL7Sg
— Rackspace Technology (@Rackspace) December 6, 2022
Last month a report from cybersecurity specialist Deep Instinct confirmed that the cyber risks facing businesses during 2022 remain severe, with ransomware being the most serious threat to organisations.
In November the Australian Department of Defence admitted that some personal details of Australian military personnel may have been stolen by hackers in a ransomware attack on a private contractor.