The US Marshals Service Gets Hacked

The US Marshals Service (USAMS)is an agency within the Department of Justice is responsible for pursuing fugitives and handling federal prisons in the US has been hit by a ransomware attack.  The federal agency, best known for its work in tracking down and capturing fugitives wanted by law enforcement  has notified the US government of the breach.

According to the sources, the USMS suffered a major ransomware attack two weeks ago that has compromised some of its most sensitive information, including law enforcement materials, the personal information of employees and the potential targets of federal investigations.

The US Department of Justice is investigating the breach and this cyber-attack is considered a "major incident" by officials and has hit a particular system within the service and the attack was discovered on 17th February "Shortly after that discovery, the USMS disconnected the affected system, and the Department of Justice initiated a forensic investigation," a spokesman told reporters.

The hackers were able to obtain administrative data, like personal information of certain employees, and about wanted fugitives, as well as information on unidentified third parties. The affected system also contained sensitive law enforcement information, including about ongoing legal procedures.

Officials at the Department of Justice, which oversees the USMS, deemed the cyber breach a "major incident" on Feb. 22, following a briefing by the Marshals Service. Under US policy, major incidents are considered to be "significant cyber incidents" deemed likely to result in demonstrable harm to US national security, foreign relations or the economy, or to the public confidence, civil liberties, or the public health and safety of the American people. 
Federal agencies are required to report "major incidents" to Congress within seven days of identification.

The Marshalls Department's recovery efforts are continuing, alongside a forensic investigation. "We are working swiftly and effectively to mitigate any potential risks as a result of the incident," the spokesman said. 

CBS:      BBC:      Reuters:     Guardian:     NBC:     Security Week:  

You Might Also Read:

US Federal Court Court IT Systems Breached:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Banning Ransomware Payments - Will It Work? 
New US National Cyber Security Strategy »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Acumin Recruitment

Acumin Recruitment

Acumin is an internationally established Cyber Security recruitment specialist.

Silent Breach

Silent Breach

Silent Breach specializes in network security and digital asset protection. Services include Pentesting, Security Assessments, Incident Detection & Response, Governance Risk & Compliance.

ERNW

ERNW

ERNW is an independent IT Security service provider with a focus on consulting and testing in all areas of IT security.

Indusface

Indusface

Indusface offers best website security, web application firewall and SSL certificate to keep your online business much safer.

Nucleon

Nucleon

Nucleon enables cybersecurity tools, organizations and software developers to become proactive by blocking threats before they become breaches.

At-Bay

At-Bay

At-Bay offer an end-to-end solution to cyber risk with comprehensive risk assessment, a tailored cyber insurance policy and year-long, active, risk-management service.

Orchestra Group

Orchestra Group

Orchestra Group offer a unique integrated cybersecurity defense platform with proactive security policy management and enforcement orchestration.

Sevatec

Sevatec

Sevatec’s Active Cyber Defense (ACD) methodology proactively defends against adversarial kills chain, addressing active and emerging threats while reducing program vulnerabilities and risks.

Cytenna

Cytenna

Cytenna Signal is a suite of SaaS (Software-as-a-Service) products that use AI and machine learning to automatically aggregate the latest information about software vulnerabilities.

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

MTS-ISAC promotes and facilitates maritime cybersecurity information sharing, awareness, training, and collaboration efforts between private and public sector stakeholders.

National Cyber Coordination & Command Centre (NC4) - Malaysia

National Cyber Coordination & Command Centre (NC4) - Malaysia

NC4 is established as a center for dealing with cyber threats and crisis at the national level in Malaysia.

Pivot Technology School

Pivot Technology School

Pivot Tech offers Data Analytics, Software Development and Cyber Security training in boot camp style cohorts.

Searchlight Cyber

Searchlight Cyber

Searchlight Cyber is a leading darknet intelligence company. Working with law enforcement, industry, and end users to help protect society against the threats of the darknet.

nandin Innovation Centre

nandin Innovation Centre

nandin is ANSTO’s Innovation Centre (Australian Nuclear Science and Technology Organisation) where science and technology entrepreneurs, startups and graduates come together.

AUCloud

AUCloud

AUCloud is a leading Australian cyber security and secure cloud provider, specialising in supporting businesses and Governments with the latest cloud infrastructure.

CorePLUS Technologies

CorePLUS Technologies

CorePlus solutions are designed to empower organizations with the tools they need to ensure the utmost protection for their assets, people, and information.