Lake County government shuts down servers after ransomware attack
After the massive cyberattack in Texas, officials from Lake County, Illinois revealed on Friday, August 23 that the county has been hit by a cyberattack that forced the shutdown of email service and several internal applications.
The officials also mentioned that the breach came in the form of ransomware, which is a type of malware that prevents users from accessing their system or personal files and demands a ransom payment in order to regain access.
Mark Pearman, director of county's information technology office said that on Thursday, August 22, the IT staff was installing cybersecurity software on 3,000 individual employee laptops and working on the process to remove the ransomware malware from 40 county servers.
The ransomware attack was first noticed by systems administrators on Thursday and to prevent it the IT staff started taking encrypted and unencrypted servers off the network.
However, the official clarified that there was no evidence of data theft from county servers and restoring the systems will take the entire week and more information about the attack will be known by Monday, August 26.
As reported, the IT department is working with the county's cybersecurity contractor, Crowdstrike to conduct a damage assessment. This process includes scanning of all the servers, almost 3,000 computers to determine those infected by the ransomware.
Almost a month ago, LaPorte County, Indiana also suffered a similar breach and the authorities paid a ransom of $132,000 worth of Bitcoins to the hackers to restore the access to affected systems.
Another ransomware hit 22 Texas town governments and recently Louisiana was also forced to declare a state of emergency after some of its school districts' networks were hacked. Now, Texas' 22 town government has become the victim of ransomware.
After all these events, National Guard Chief Gen Joseph Lengyel called the events a "cyber storm." He also mentioned that these multi-state cyber attack reiterates the need for more standardized policies and training for cyber units across the force.
The officials also mentioned that the breach came in the form of ransomware, which is a type of malware that prevents users from accessing their system or personal files and demands a ransom payment in order to regain access.
Mark Pearman, director of county's information technology office said that on Thursday, August 22, the IT staff was installing cybersecurity software on 3,000 individual employee laptops and working on the process to remove the ransomware malware from 40 county servers.
The ransomware attack was first noticed by systems administrators on Thursday and to prevent it the IT staff started taking encrypted and unencrypted servers off the network.
However, the official clarified that there was no evidence of data theft from county servers and restoring the systems will take the entire week and more information about the attack will be known by Monday, August 26.
As reported, the IT department is working with the county's cybersecurity contractor, Crowdstrike to conduct a damage assessment. This process includes scanning of all the servers, almost 3,000 computers to determine those infected by the ransomware.
Almost a month ago, LaPorte County, Indiana also suffered a similar breach and the authorities paid a ransom of $132,000 worth of Bitcoins to the hackers to restore the access to affected systems.
Another ransomware hit 22 Texas town governments and recently Louisiana was also forced to declare a state of emergency after some of its school districts' networks were hacked. Now, Texas' 22 town government has become the victim of ransomware.
After all these events, National Guard Chief Gen Joseph Lengyel called the events a "cyber storm." He also mentioned that these multi-state cyber attack reiterates the need for more standardized policies and training for cyber units across the force.
from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/30AFdXM
Comments
Post a Comment