Louisiana Hit With A Ransom Attack
An attempted ransomware attack on 18th November has prompted Louisiana officials to deactivate servers for numerous state agencies, including the office of Gov. John Bel Edwards, the state legislature, the Office of Motor Vehicles and the office of Secretary of State Kyle Ardoin.
Roughly 1,500 of the state’s 30,000 computers were infected by the cyberattack, the Office of Technology Services (OTS) told lawmakers on the state's Joint Legislative Committee on the Budget.
The state’s Office of Technology Services said that detection of a “cybersecurity threat” prompted it to take down the state’s servers, temporarily knocking out websites, government employees’ email and other online services. Most websites were operational by Monday evening, though some state employees were still resorting to using personal email to send out communications.
Louisiana officials said that while it may take several days for all affected services to be restored, the state does not anticipate any data loss, nor did it pay a ransom.
In response to the attempted attack, Edwards activated the state’s cybersecurity response team, which includes OTS, the Governor’s Office of Homeland Security, the Louisiana State Police and the National Guard. Edwards previously deployed the team in July, when several school districts’ computer systems were infected with ransomware just weeks before the start of the new academic year, prompting the governor to issue an emergency declaration.
The state did not pay the ransom demanded by attackers, who were using a variant of the same Ryuk ransomware used in attacks on several Louisiana school districts' networks in July.
“Our experts train and prepare for these types of incidents and have been successful in mitigating similar issues in the past, including this summer when our teams successfully brought services back online following the cyberattack on local schools,” Jay Dardenne, the commissioner of the Louisiana Department of Administration, OTS’s parent agency, said in a press release.
Officials said the attack detected was similar in nature to the July incident, including the presence of the ransomware virus Ryuk, which has collected several six-figure payouts from local governments across the United States since it first appeared in late 2018.
Louisiana.gov Ars Technica: WAFB: StateScoop:
You Might Also Read:
Hackers Demand Ransom After Stealing Johannesburg's Data:
Georgia Suffers A Nationwide Cyber Attack: