Cyber Extortion Scheme Malware Ransomware

An FBI wanted poster is placed before a news conference held at the Justice Department, Wednesday, Nov. 28, 2018, announcing the indictment against international computer hackers. Two Iranian computer hackers were charged in connection with a multimillion-dollar cybercrime and extortion scheme that targeted government agencies, cities and businesses. A new round of ransomware attacks has targeted local governments in Georgia, Florida, Louisiana and elsewhere.

Georgia's Department of Public Safety is the latest target in a string of cyberattacks that have plagued the state.

The servers and systems for the department that oversees the day-to-day operations of the Georgia State Patrol, Capitol Police and the Motor Carrier Compliance Division were taken offline after an employee received a suspicious message on Friday.

Sgt. Stephanie Stallings, a spokesperson for GDPS, said the message was confirmed by the IT department as a ransomware attack.

“They recognized it as something that is not normal and decided to isolate the problem,” Stallings said.

A ransomware attack is when a computer system is corrupted by malicious software, better known as malware, and held for ransom. States, cities and counties have been prime targets for cybercriminals, and many have spent thousands of dollars, even millions, to recover.

The GDPS attack affects laptops and email servers within the agency’s network. Instead of logging into the system to get information on calls, state troopers have to call into communications centers to ask for the details.

The system was still down when The Center Square spoke to Stallings on Monday. Stallings said she could not confirm if the perpetrators of the hack requested ransom money because it is part of an “ongoing investigation.”

The attack on GDPS is one of at least four attacks that have happened in Georgia in the past month.

Georgia’s Henry County took down its servers on July 17 after a malware attack, according to a post on the county’s Facebook page.

The issue affected the county’s email, internet access and servers, but did not stop public services, the post said. Henry County’s website was still down as of Monday. No one from the county was immediately available for contact.

Within the same week, another attack was launched on the Lawrenceville Police Department.

This time the hackers hijacked sensitive police data such as body-camera video footage and police records by locking them with encryption. 

It is unclear if the issue has been resolved, but FBI and cyber experts were brought in to address the issue, according to a statement released by Lawrenceville Police.

Hackers have also targeted one of the state’s top security agencies.

The Georgia Emergency Management and Homeland Security Agency discovered malware on its computer system in early July during a cybersecurity check. The agency was able to locate and block the activation of the malicious software with pre-installed protection software. It was later removed.

Last month, Georgia’s Administrative Office of the Courts took down its system in order to recover from an attempted ransomware attack.

Average ransomware demands are around $13,000, according to Znet, and are often requested in cryptocurrency, an untraceable payment form.

Downtime from ransomware attacks can cost an average of $64,000, according to Coveware.com.

Recovery efforts can cost way more.

Atlanta spent $17 million to recover from a ransomware attack last year that threatened many of the city departments.

 

Staff Writer

Nyamekye Daniel has been a journalist for three years. She was the managing editor for the South Florida Media Network and a staff writer for The Miami Times. Daniel's work has also appeared in the Sun-Sentinel, Miami Herald and The New York Times.