Security Experts:

Connect with us

Hi, what are you looking for?



Ransomware Attack Hits Louisiana State Servers

Louisiana Governor John Bel Edwards on Monday revealed that a ransomware attack hit state servers, prompting a response from the state’s cyber-security team.

Louisiana Governor John Bel Edwards on Monday revealed that a ransomware attack hit state servers, prompting a response from the state’s cyber-security team.

The incident appears to have affected only some of the state’s servers, but the Office of Technology Services (OTS) decided to take offline all of the servers in an effort to ensure that the infection is contained.

“Today, we activated the state’s cybersecurity team in response to an attempted ransomware attack that is affecting some state servers. The Office of Technology Services identified a cybersecurity threat that affected some, but not all state servers,” Gov. Edwards announced on Twitter.

The ransomware attack, he revealed, impacted many state agencies’ email, websites and other online applications.

According to local news reports, the Office of Motor Vehicles (OMV) and the Louisiana Department of Health (LDH) were among the affected services.

“The service interruption was due to OTS’ aggressive response to prevent additional infection of state servers and not due to the attempted ransomware attack,” Gov. Edwards said.

While the affected services started to come back online on Monday afternoon, it might still take several days before they are fully restored.

The state did not pay a ransom in this attack and no data loss should have resulted from the incident. Federal agencies are investigating the incident, Gov. Edwards said.

According to OTS, the attempted assault is similar to the ransomware attacks that targeted local school districts and government entities over the summer.

In July, Louisiana declared an emergency in response to a malware attack targeting three school systems in Sabine and Morehouse parishes and the City of Monroe.

Days later, a fourth Louisiana school district was hit by a cyberattack, namely Tangipahoa Parish. The incident resulted in phone lines and email at schools and some offices being shut down.

The malware used in this week’s attack was the Ryuk ransomware, typically distributed via phishing emails, said Seth Blank, director of Industry Initiatives at Valimail and co-chairman of the Election Security Special Interest Group (ES-SIG) of the email industry group M3AAWG.

“It’s not a coincidence that Louisiana’s systems were attacked during an election. While it’s fortunate the incident does not appear to have disrupted election activity, we can expect to see similar attacks as the 2020 election draws near, and other states may not be so lucky. Given how many cities have been taken offline due to ransomware, there’s a very real threat to election integrity for municipalities that implement computer-based voting, electronic pollbooks, digital vote tabulation, or digital transmission of voting results — which is to say, virtually all of them,” Blank told SecurityWeek.

“To stop these crippling cyberattacks, state and local governments need to implement proper best practices, starting by locking down the primary vector for such attacks by preventing the phish from getting to inboxes in the first place — which can be done by validating sender identity. Implementing DMARC is the critical first step,” Blank added.

“State and local governments across the United States have been experiencing an outbreak of ransomware attacks in 2019,” Kimberly Goody, manager of FireEye’s Cybercrime Analysis unit, said in an emailed comment to SecurityWeek. “Initial analysis suggests that publicly reported incidents have nearly doubled in comparison to 2018. Typically, these attacks have involved the distribution of ransomware post compromise en masse through a victim environment. This methodology allows threat actors to maximize their disruption of the victim organization effectively increasing the likelihood that the victim will acquiesce to ransom demands.”

Related: Louisiana Schools Suffer Cyberattacks Ahead of Year’s Start

Related: Louisiana School Systems Cyber Attacked; Emergency Declared

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.