Louisiana State Computers Hit By Ransomware – Again

Government computers in the US state of Louisiana have once again been knocked offline by a ransomware attack.

Reuters reported that Governor John Bel Edwards said in a series of messages posted to Twitter that many state agencies had their servers taken down in response to the attack.

Governor Edwards said that the agencies were coming back online but that full restoration could take “several days.”

State of Emergency

This is not the first time the state has suffered an attack. In July Governor Edwards declared a ‘state of emergency’ after a string of ransomware attacks on school networks.

That declaration, besides sounding dramatic, did give Governor Edwards access to some much needed assistance from public bodies in the state.

And now four months later, the US state has been hit again.

“There is no anticipated data loss and the state did not pay a ransom,” Governor Edwards was now quoted by Reuters as saying.

Louisiana Secretary of State spokesman Tyler Brey reportedly said that while his office’s website was briefly offline, the tallying of Saturday’s vote, in which Bel Edwards narrowly won re-election, was unaffected.

That election was closely watched in the United States, as President Donald Trump had publicly endorsed Bel Edward’s Republican challenger, Eddie Rispone.

The US state has also been criticised for its failure to implement a paper audit of its voting machines, a huge security issue that was highlighted recently by John’s Oliver on his “Last Week Tonight” show.

It is reported that the ransomware involved in the latest attack is known as Ryuk, a variant that cybersecurity firms first identified in August of last year.

The fact that Louisiana once again was hit by ransomware was noted by some security experts.

“Given the wave of ransomware infections targeting government institutions across the US, it’s important for organisations to understand and accept that ransomware is the new normal,” said Andrea Carcano, CPO and co-founder at Nozomi Networks.

“The Louisiana state government did the right thing by not paying the ransom as organisations that give in to the hackers’ demands are only fuelling the profitability of the ransomware industry for attackers,” said Carcano. “Government institutions should be particularly careful and deploy artificial intelligence and machine learning tools to identify cyber threats in real time so they can resolve issues before harm is done. Prevention will always be the best cure for ransomware.”

Pay or not?

This decision not to pay the hackers stands in marked contrast to a lack of action from other US cities and towns.

A Florida city in the US called Lake City earlier this year opted to pay hackers after a ransomware attack.

The Lake City decision to pay the hackers $500,000 (£394,000) was aided by the fact that insurance would cover most of the ransom.

It came after the council of another city in Florida (Riviera Beach City) voted unanimously to pay hackers $600,000 who took over their computer systems via a ransomware attack earlier this year.

Do you know all about security? Try our quiz!