Ransomware hit Louisiana's state government hard yesterday, shutting down multiple websites and email systems after it fell victim for the second time in just a few months to a ransomware attack. In a series of tweets, Louisiana state governor John Bel Edwards revealed that his office had activated a cybersecurity response team in response to an attack that had affected "some, but not all state servers." The Louisiana Office of Technology Services (OTS) took the state's servers down "out of an abundance of caution" to "prevent additional infection", which had a predictable impact on many government agencies' websites, online services, and email. Amongst the affected agencies was the Department of Children and Family Services which tweeted that its child abuse and neglect hotline had been impacted. https://twitter.com/LouisianaDCFS/status/1196550667713699840 It's not the first time that Governor John Bel Edwards, who was re-elected at the weekend, has found himself tackling a ransomware attack. In July the Governor declared Louisiana's first-ever statewide emergency related to a cyber incident after five districts had their computer and phone systems disrupted by what was described as a "severe" ransomware attack that struck networks across the state, including those belonging to numerous government agencies and school districts.
Law enforcement agencies are said to be investigating the latest ransomware attack, which is said to be similar to the one which hit local school districts and government agencies in the summer. Recent months have seen a spate of US states and cities struck by ransomware attacks, some of which have resulted in criminal gangs successfully extorting ransom payments worth millions of dollars. Obviously prevention in the first place is better than cure, but if ransomware does successfully infect a network it's much more preferable to be in a position to be able to recover data and bring systems back up and running rather than feel compelled to pay the criminals who launched the attack for a decryption key. Fortunately, it sounds like Louisiana may have been well prepared to deal with this incident. In 2017 Governor Edwards announced the creation of a Cyber Security Commission to share information, coordinate cybersecurity efforts across the government, and lead the response to emerging threats. According to the Governor, it may take several days for full services to be restored, but it is not anticipated that any data loss will have occurred, and the ransom will not be paid.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.