Georgia courts (mostly) shrug off ransomware attack

Georgia courts (mostly) shrug off ransomware attack

Enlarge / The latest victim of an apparent wave of Ryuk ransomware has managed to fend off paying attackers, but not everyone is getting away unscathed. (credit: Getty Images)

A spokesman for Georgia’s Administrative Office of the Courts has confirmed that the AOC’s information technology team discovered ransomware on the organization’s servers on Saturday. While the spokesman could not provide specific details about the ransomware involved in the attack, its characteristics are consistent with the Ryuk ransomware that has struck multiple companies and government agencies over the past few months—including at least two Florida cities.

Bruce Shaw, communications and outreach specialist for the AOC, told Ars that a file containing contact information for the ransomware operators was left on the affected servers but that no specific ransom was demanded. “After an assessment of our system, it was determined that it would be best to take our network offline,” Shaw

Read the rest Continue Reading
Ryuk, Ryuk, Ryuk: Georgia’s courts hit by ransomware

Ryuk, Ryuk, Ryuk: Georgia’s courts hit by ransomware

Enlarge / Court systems in Georgia are down due to a ransomware attack. Surprise. (credit: Rivers Langley / SaveRivers / Wikimedia)

Georgia’s Judicial Council and Administrative Office of the Courts is the victim of the latest ransomware attack against state and local agencies. And this looks like the same type of attack that took down the systems of at least two Florida municipal governments in June.

Administrative Office of the Courts spokesman Bruce Shaw confirmed the ransomware attack to Atlanta’s Channel 11 News. The Administrative Office of the Courts’ website is currently offline.

Shaw told 11 News that some systems had not been affected by the ransomware but that all systems connected to the network had been taken offline to prevent the ransomware from spreading. The Courts’ IT department was in contact with “external agencies” to coordinate a response to the attack, Shaw said.

Read 4 remaining paragraphsRead the rest

Continue Reading
Florida LAN: Someone clicks link, again, giving Key Biscayne ransomware

Florida LAN: Someone clicks link, again, giving Key Biscayne ransomware

Enlarge / Key Biscayne, Florida, is the third Florida local government to get hit by ransomware within a month. (credit: Alicia Vera/Bloomberg via Getty Images)

A third Florida local government has reported that it has been struck by ransomware. Key Biscayne joins Lake City as a victim of Ryuk, a form of ransomware first spotted in August of 2018. Ryuk was the final piece of what has been labeled the “Triple Threat’ attack, the other two threats being Emotet and Trickbot malware.

While the attack on Riviera Beach, Florida, revealed last week was similar—all three cases start with a city employee clicking on an attachment in email and unleashing malware—it’s not certain if that attack was also based on Ryuk.

Ryuk is targeted ransomware, originally linked to the North Korean “Lazarus” threat group, but now it appears to have been adopted by non-state criminal ransomware operators as well.

Read the rest Continue Reading