IPB

Welcome Guest ( Log In | Register )

> The municipal scourge of RANSOMWARE
diggler
post Aug 21 2019, 12:11 PM
Post #1


Really Comfortable
*****

Group: Members
Posts: 1,177
Joined: 19-November 09
Member No.: 969



Malware attack on county computers

LP County website, government email servers out of operation

STAFF REPORTS

La PORTE – All La Porte County government emails, and the county website, remained out of commission late Tuesday following a malware virus attack that affected the system on Saturday morning.

La Porte County Board of Commissioners President Dr. Vidya Kora said Sunday evening the system will be inoperable as authorities respond to a “malicious malware attack that has disabled our computer and email systems.”

County Attorney Shaw Friedman confirmed Tuesday that county government computers were "impacted by a sophisticated ransomware virus" early Saturday morning.

“Fortunately, our IT team reacted quickly and shut down much of the system, even though it was a weekend," Friedman said. "Less than 7 percent of our laptops have been infected, however, it did hit our two domain controllers, which means no server can access network services."

An insurance policy taken out last year will help the county recover, Kora said,

“Fortunately, our county liability agent of record, John Jones, last year recommended a cybersecurity insurance policy which the county commissioners authorized from Travelers Insurance" he said.

"We informed Travelers Insurance late Saturday of the malware attack and they immediately referred us to the Wayne, Pennsylvania, incident-response law firm of Mullen Coughlin LLC that specializes in responses to such cyber-attacks and coordinates system repairs and protection of our computers from further such virus infections," Kora said.

The forensic investigation firm has been retained to determine the nature and scope of the incident, including how the county could have been infected, Friedman said.

Several county officials, including Kora, Council President Randy Novak, along with the auditor, county attorney and IT Department took part in a conference call Sunday with the incident response team assembled by Mullen Coughlin, Kora said.

The call was "to develop a game plan to respond to the attack and come up with an approach to repair our systems and protect them from further damage."

The county's IT Department has been working long hours to try and get things operational, including spending Sunday to ensure that the Courts and Prosecutor's office remained functional, Friedman said.

"This particular ransomware variant – known as RYUK – is especially insidious as it seeks to delete or encrypt system backups. We are exhausting all possibilities, including tapping the FBI cybersecurity unit and reviewing all 'workarounds' in order to determine how to restore the county to a full operational status.”

Staff from Mullen Coughlin arrived in La Porte on Sunday night to assist, Kora said. They will also help prepare documentation to report the attack to the FBI and other appropriate law enforcement agencies.

Kora and Friedman praised the efforts of the IT Department.

"I commend our IT Director Darlene Hale and her team for shutting down our systems Saturday afternoon as soon as the malware virus was detected," he said. "Unfortunately, at least half our servers have been infected and it will take some time to fully restore service. I ask for patience from the public as we seek to become fully operational again.”

Friedman echoed that sentiment.

"Darlene Hale and her team have been working 15 hour days since this virus hit to try to restore portions of our system that can be restored," he said. "We ask for patience from all concerned.”

"Texas is the latest state to be hit with a cyberattack, with state officials confirming this week that computer systems in 22 municipalities have been infiltrated by hackers demanding a ransom. A mayor of one of those cities said the attackers are asking for $2.5 million to unlock the files."

https://www.npr.org/2019/08/20/752695554/23...of-cyberassault



https://www.crowdstrike.com/blog/big-game-h...ted-ransomware/
User is offlineProfile CardPM
Go to the top of the page
+Quote Post

Posts in this topic


Reply to this topicStart new topic
5 User(s) are reading this topic (5 Guests and 0 Anonymous Users)
0 Members:

 



Lo-Fi Version Time is now: 28th March 2024 - 05:32 AM

Skin Designed By: neo at www.neonetweb.com