Georgia’s court agency has become victim of a ransomware attack

Weeks after the ransomware attacks has took down the computer networks of three Florida cities, Georgia's court agency has become victim of ransomware infection. It has been reported that servers belonging to Administrative Office of the Courts (AOC) have been offline as a result of an unknown ransomware which entered into their network. The court agency maintains the court documents and provides support to the state, magistrate, probate, as well as municipal court councils in the Georgia.

Bruce Shaw, an AOC spokesperson, told media that the AOC officials have quarantined the servers of the agency and then cut off network from the outside contact after they discovered the attack. The agency's network has been taken offline, so as to contain this infection. At present, there is no proof of data exfiltration from this attack.

The court agency is still not able to uncover the technical details like the ransomware type and method of infection that was used in this attack. Moreover, the court agency had their website shut down on July 1, 2019, due to this attack. However, the websites for the Georgia Supreme Court as well as court clerks remain operational.

It is still not clear how many computers as well as court services got affected. Michelle Barclay, an AOC division director, said that personal information has not been compromised as the agency systems do not keep that information. She also said that the attack is assumed to be from another country.

The AOC has found one text file from hackers with instructions of contacting them, said Barclay. However, the file did not specify any ransom amount, she added.

County and the state courts remain operational, however they are not able to access the information provided by AOC, said David Allen, chief information security officer of Georgia. Allen added that he did not know how much time it will take, in order to recover from this attack.

The FBI advises not to pay any ransoms, as that might lead to funding of other cyber attacks. In a statement, the WIRED has been told by the federal agency that "the payment of extortion demands encourages continued criminal activity, leads to other victimizations, and can be used to facilitate additional serious crimes". The FBI added that "additionally, paying a ransom does not guarantee the victim will regain access to their data".

» SPAMfighter News - 7/23/2019