Hacker’s paradise: Louisiana’s ransomware disaster far from over

27/11/2019

Louisiana State Capitol, Baton Rouge, Louisiana, at dusk.

Louisiana has brought some of its services back as it recovers from a targeted ransomware attack using the Ryuk malware on November 18. The state’s Office of Motor Vehicles re-opened offices on Monday in a limited fashion. But OMV and other agencies affected—including the state’s Department of Health and Department of Public Safety—are facing a number of potential hurdles to restoring all services, according to people familiar with Louisiana’s IT operations.

The ransomware payload was apparently spread across agencies by exploiting Microsoft Windows group policy objects (GPOs)—meaning that the attackers had gained access to administrative privileges across multiple Active Directory domains. This is symptomatic of TrickBot malware attacks, which use GPOs and PsExec (a Microsoft remote administration tool) to spread their payload.

This is the second major cybersecurity incident this year in Louisiana tied to Ryuk ransomware. In July, Governor John Bel Edwards declared a state of emergency and deployed the state’s cyber response team to assist seven parish school districts. There have been many other Ryuk attacks this year that have used TrickBot and, in some cases, the Emotet trojan—an attack referred to by some experts as a “Triple Threat” commodity malware attack. At least two Florida cities and Georgia’s Judicial Council and Administrative Office of the Courts were also hit by “Triple Threat” attacks.

Mind the gap

According to testimony by Deputy Chief Information Officer Neal Underwood before the Louisiana legislature’s Joint Legislative Committee on the Budget, only 10% of the state’s 5,000 servers were affected by the ransomware attack, and a total of about 1,500 computers of the state’s 30,000 systems were “damaged” by the ransomware. Others were taken offline as a precaution as part of the response to the attack. And OMV officials and a spokesperson for the office of Louisiana’s secretary of state—which had to shut down systems tied to election data in the midst of vote recounts in Louisiana’s elections—declared that no data was lost in the attack.

But that declaration may have been early and certainly did not apply across all Louisiana’s agencies. Some data may be lost, as agencies’ file backups were in some cases not current. In a letter in response to a public information request shared with Ars, an attorney for the Louisiana Department of Public Safety stated that the request could not be completed because records required for the response were unavailable “due to the recent ransomware attack on the state’s computer systems.”

An email from a Louisiana Department of Public Safety attorney explaining why a freedom of information request could not be processed—ransomware.

Some offices of the OMV still have not re-opened, as their personal computers remain disconnected from the agency’s network because they have not yet been checked for malware. And significant amounts of data—including records for the state’s Medicare and Medicaid system—may have been lost because backups maintained by Louisiana Department of Health’s data center vendor were over six months old. While the state contracted out operations of LDH’s data center, database servers and other systems remained accessible to Louisiana Office of Information Technology administrators.
