“Today, we activated the state's cybersecurity team in response to an attempted ransomware attack that is affecting some state servers. The Office of Technology Services identified a cybersecurity threat that affected some, but not all state servers,” Gov. Edwards announced on Twitter.
The ransomware attack, he revealed, impacted many state agencies’ email, websites and other online applications. According to local news reports, the Office of Motor Vehicles (OMV) and the Louisiana Department of Health (LDH) were among the affected services.
“The service interruption was due to OTS’ aggressive response to prevent additional infection of state servers and not due to the attempted ransomware attack,” Gov. Edwards said.
While the affected services started to come back online on Monday afternoon, it might still take several days before they are fully restored. The state did not pay a ransom in this attack and no data loss should have resulted from the incident. Federal agencies are investigating the incident, Gov. Edwards said.
According to OTS, the attempted assault is similar to the ransomware attacks that targeted local school districts and government entities over the summer. In July, Louisiana declared an emergency in response to a malware attack targeting three school systems in Sabine and Morehouse parishes and the City of Monroe.
Days later, a fourth Louisiana school district was hit by a cyberattack, namely Tangipahoa Parish. The incident resulted in phone lines and email at schools and some offices being shut down.
The malware used in this week’s attack was the Ryuk ransomware, typically distributed via phishing emails, said Seth Blank, director of Industry Initiatives at Valimail and co-chairman of the Election Security Special Interest Group (ES-SIG) of the email industry group M3AAWG. Full Story continued at SecurityWeek.