Unknown hackers stated that they had made multiple attempts to reach tribal leaders. They claimed to have left voicemails, sent emails, and posted messages on the internal network, yet received no response from the tribe
The Sault Ste. Marie Tribe of Chippewa Indians continues its work to get its operations back on track after a crippling ransomware attack on February 9. This cyber strike disrupted Kewadin Casinos and other tribal services leaving many people uncertain while officials tried to regain control of their systems. In an unexpected twist, the hackers contacted a local newspaper expressing their frustration with the tribe’s lack of response.
Hackers Claim Tribal Leaders Ignored Repeated Attempts to Negotiate
The ransomware attack had a major impact on the tribe causing its five Kewadin Casinos to shut down and disrupting healthcare and other key services. The attack damaged the tribe’s computer systems, phone lines, and gaming equipment, which forced officials to close many departments. Tribal chairman Austin Lowes reassured the public that work to get things back to normal was in progress, though it might take a while to recover.
During these disruptions, unknown hackers sent a letter to The Sault Tribe Guardian. They claimed they had tried to contact the tribal leaders many times. They said that even after leaving voicemails, sending emails, and posting messages on the internal network, the tribe would not talk to them. The hackers also said reports of a $5 million ransom demand were not true. They called this figure “speculative” because no one had negotiated about it yet.
The hackers claimed their goals were about money and they did not want to hurt anyone beyond asking for cash. Their message said they got more than 100 gigabytes of private tribal information, with over 500,000 files total. They warned that if the tribe does not answer, they will make this information public on February 19, which could damage the tribe’s finances and reputation.
Hackers Criticize Tribe’s Cybersecurity as Kewadin Casinos Begin Reopening
The hackers slammed the tribe’s cybersecurity defenses saying one IT expert could not protect such a large infrastructure. They also pointed out that the tribe has several cyber insurance plans, which should have led to discussions between all involved, based on industry norms. They hinted that the lack of any response might suggest bigger financial troubles in the tribal leadership.
Even with ongoing threats, the tribe says Kewadin Casinos will start to reopen in phases, beginning on February 26. Officials have not said if they paid a ransom or if cybersecurity experts managed to take back control of the systems on their own.
The tribe is also bringing back its services, including healthcare, and has set up temporary phone numbers for important contacts.
The hackers’ letter has not been confirmed, but cybersecurity experts think a group called RansomHub might be behind this. This group has links to many ransomware attacks often using a “double-extortion” method — they lock up systems and steal data to push victims to pay up.
