Carlsbad, California – Encina Wastewater Authority (EWA) found itself targeted by the notorious BlackByte ransomware group. The threat actor, known for its aggressive tactics, posted a message on its platform indicating the alleged Encina Wastewater Authority cyberattack. The message hinted at the potential sale of sensitive company documents obtained during the intrusion.

Despite the claims made by the BlackByte ransomware group, the website of Encina Wastewater Authority, http://encinajpa.com, remained operational without immediate signs of intrusion. However, cybersecurity experts suggest that the threat actor might have penetrated the organization’s backend systems or databases rather than launching a visible front-end attack like a distributed denial-of-service (DDoS) assault.

Decoding the Encina Wastewater Authority Cyberattack 

Encina Wastewater Authority (EWA) in Carlsbad, California, serves over 379,000 residents and businesses across North San Diego County, covering a 125-square-mile area. EWA ensures reliable wastewater treatment, resource recovery, and environmental protection, vital for public health and regional water sustainability.

The Cyber Express has reached out to Encina Wastewater Authority for clarification regarding the alleged cyberattack. However, at the time of writing this, no official statement or response has been issued by the organization, leaving the claims of the cyberattack on Encina Wastewater Authority unconfirmed.

Moreover, the threat actor in question, the BlackByte ransomware group, has also shared some sample documents with its claims of the attack. “Company documents, deletion/purchase. If you are interested in purchasing the data or requesting to remove it, Please connect us through our Email”, reads the threat actor’s post. 

The Rise of BlackByte Ransomware Group

The BlackByte ransomware group has been on the radar of cybersecurity agencies since its emergence in July 2021. Notorious for targeting critical infrastructure, BlackByte gained the attention of the Federal Bureau of Investigation (FBI) and the US Secret Service (USS) within its first year of operation. 

By November 2021, the ransomware group had already attacked sectors including government facilities, financial institutions, and food and agriculture.

Despite efforts to combat BlackByte’s activities, such as the release of a decrypter by Trustwave in October 2021, the ransomware group continued to evolve its tactics. Developers released newer versions of the ransomware, employing multiple encryption keys and cautioning victims against using available decrypters.

Currently, BlackByte persists in targeting organizations worldwide, operating on a ransomware-as-a-service (RaaS) model for its affiliates. However, like other ransomware families, BlackByte notably avoids targeting entities based in Russia.

As for the Encina Wastewater Authority cyberattack claims, The Cyber Express will be closely monitoring the situation and we’ll update this post once we have more information on the alleged attack or any official statement or response from the organization. 

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.