Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Cyberattack Hit 10% of Louisiana’s State Government Servers

One in ten of Louisiana’s 5,000 computer network servers that power operations across state government were damaged by this week’s cyberattack, a key technology official told lawmakers Friday.

One in ten of Louisiana’s 5,000 computer network servers that power operations across state government were damaged by this week’s cyberattack, a key technology official told lawmakers Friday.

Neal Underwood, Louisiana’s deputy chief information officer, said the ransomware attack wasn’t catastrophic to state government. No data was lost, and no ransom was paid. But Underwood said the effect for some agencies was significant, particularly at the Office of Motor Vehicles, which shuttered its branch locations all week to repair its computer network.

“I can assure you that none of the actual data in our enterprise was inappropriately accessed,” Underwood told the joint House and Senate budget committee.

Technology staff has been working around the clock since the attack to get online systems and services back up and running. Underwood expects all state agencies to resume normal operations by Monday. In some instances, he said computer systems have to be rebuilt from the state’s backup and recovery systems.

In addition to the 10% of network servers disrupted by the early Monday morning attack, Underwood said more than 1,500 of the state’s 30,000 computers were damaged.

An investigation into the source of the cyberattack is ongoing.

“Who are the bad guys? Where are they from?” asked Sen. Francis Thompson, a Democrat from Delhi.

Underwood said the ransomware likely came from outside the United States.

Advertisement. Scroll to continue reading.

“This was a sophisticated and coordinated attack,” he said. “This was not some malcontent teenager in their parents’ basement.”

The attackers had access to Louisiana’s government computer servers for “a matter of hours” before they were discovered, Underwood said. The Office of Technology Services immediately shut down external access to network servers when the breach was discovered. That caused a wider disruption of state government websites and email than the actual ransomware attack, Underwood said.

Gov. John Bel Edwards planned to issue an emergency declaration Friday to ensure that people and businesses don’t face fines or penalties because of the cyberattack. For example, a driver won’t face a ticket if a driver’s license expired this week because the motor vehicle office locations weren’t open to renew that license.

The ransomware attack happened just two days after statewide elections for governor, legislative seats and other positions around Louisiana. Sen. Mack “Bodi” White, a Republican from Central, questioned whether that could cause problems for certification of election results or changed numbers in election returns.

“It happened at a very inconvenient time,” he said. “A lot of the conspiracy theorists are calling me.”

As White asked questions, Rep. Cameron Henry, the Jefferson Parish Republican who chairs the budget committee, received a text from Secretary of State Kyle Ardoin. Ardoin said the cyberattack caused “no impact whatsoever” to the election returns and results will be certified Tuesday as scheduled, Henry said.

Sen. Sharon Hewitt, a Slidell Republican, praised the quick reaction from Louisiana’s technology services office.

“I do believe it could have been much worse,” she said.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...