Attempted ransomware attack on Louisiana state government

State Government Ransom Attack

NEW ORLEANS, La. (WVUE) - State police and several federal agencies are investigating an attempted ransomware attack against state servers that caused many state websites to shut down.

State officials didn’t specify how their cybersecurity team found the threat but they did say there is no anticipated data loss and the state did not pay a ransom.

Gov. John Bel Edwards stated the attempted ransomware attack was similar to the attacks that targeted local school districts and government entities around the country over the summer.

Officials believe no data was lost, however, it may take several days before online services are fully restored.

The attempted cyber attack on the state government’s computer servers left Louisiana residents frustrated and concerned.

“So people who have attachments and they have to pay it on a certain day.. ya’ll going to take those late fees off or what.. if we get pulled over.. the system is down here so what do you expect us to do,” Antonuage Gray said.

State officials say the temporary paralysis of agency emails, websites and even a phone hotline were not due to an attack but were due to the precautions the state took to prevent one.

In a release sent from the Louisiana Commissioner of Administration, Jay Dardenne, the division identified a ransomware threat that affected some of their servers. The statement indicates their cybersecurity team, “out of an abundance of caution, took state servers down.”

Kevin Launey is vice president of Bios Technologies, a Metairie business that manages infrastructure, maintenance and security for small to medium business networks.

When it comes to cybersecurity threats, ransomware is as bad as it gets, Lancey said.

“Somebody’s holding your files ransom, I mean, how many businesses can survive without any of their data?", Lancey said.

He explained that you are basically paying a cybercriminal hoping they’re actually going to give you what you need to get your files back.

It begins with a phishing scam, a seemingly legitimate website with misspellings or an email directing you to a link that. Once you click on it, an encryption software is downloaded to your computer, Launey said.

He explained that the software encrypts your files to where you can no longer access them. Typically, a screen pops up saying you’ve been locked out and in order to get the files back you have to pay a certain amount of dollars to unlock your files.

“At that point, you’re left with rebuilding the data from scratch or paying the ransom and we assisted them in paying the ransom,” Launey said.

Launey has helped victims pay off hackers with cyber currency two times, but it only worked once. He says your best protection is a solid back up of data and education. There’s also advanced malware, but that doesn’t prevent the hack. “When it sees files change, it can revert back,” Launey said.

Once you realize something’s happened you can say, well I want to revert these files back to the way they were prior to this event.

Oftentimes, ransomware victims don’t know they’ve been hacked until it’s too late-- once the files are encrypted, there’s no way to get them back.

Copyright 2019 WVUE. All rights reserved.