US Marshals' Computer System Remains Out of Commission 10 Weeks After Ransomware Attack
upstart writes:
The US Marshals Service claims the shutdown isn't affecting its ability to track down fugitives:
Ransomware attacks against companies and government agencies are on the rise despite efforts by cybersecurity experts to prevent such incidences. Since the start of the pandemic, hundreds of U.S. businesses have reported being ransomware victims, with the largest known attack being the Kaseya hack in 2021.
More recently, the U.S. government has also faced a string of cybersecurity incidents, with the FBI, the Department of Defense, and the United States Marshals Service (USMS) all confirming multiple data leaks and targeted attacks this year. Just last week, the USMS announced that cybercriminals had targeted its systems with a ransomware attack, exposing a large amount of data, including personally identifiable information (PII) of employees. Thankfully, the incident did not expose the witness protection program database, meaning no witnesses are in danger.
[...] According to The Washington Post, the system has remained down for so long because the USMS decided not to pay any ransom to unlock the network. Instead, officials moved to shut down the entire system, which included remotely wiping the cellphones of all employees who worked in the department. The sudden move, which was implemented without any prior warning, cleared out all their files, contacts and emails, inconveniencing many.
However, despite the apparent roadblock, the USMS remains adamant that the shutdown isn't affecting its ability to conduct investigations. In a statement this week, Marshals spokesperson Drew Wade said that most of the critical investigative tools have already been restored, and the agency is planning to soon deploy "a fully reconstituted system with improved IT security countermeasures" for the future.
Read more of this story at SoylentNews.