Ransomware attack hit Pennsylvania Democratic Senators

The Pennsylvania Senate Democratic Caucus was hit with a ransomware attack, locking 16 Democratic senators and their staff out of their computer network.

The attack was discovered on Friday morning; at the time of publishing on Sunday, the site was still down and displayed an “error establishing a database connection” message. The same error displays when trying to view each Democratic senator’s website.

“Officials from the caucus have been in contact with law enforcement to investigate the incident and are working with Microsoft to restore the IT system,” according to a written statement text-messaged to reporters and obtained by The Hill. It was sent via text since the caucus could not use its email. “There is currently no indication that the caucus system was targeted or that any data has been compromised.”

The Senate Democratic offices were open on Friday, but no one could access data or use the network. It was likely a really a productive day.

When the attack first hit the news on Friday, an FBI spokeswoman told NBC that the agency was looking into whether it had been called in. But by Saturday, the FBI’s Philadelphia field office told CNN that it is investigating the cyberattack. An FBI spokeswoman said, “At this time, we’re only aware that the PA Senate Democrats are affected.”

Republican Pennsylvania senators have their own separate network which was reportedly not affected. The computer systems for the state’s governor, also a Democrat, are also separate and unaffected.

While it is not uncommon for in-the-spotlight victims to decline to reveal the ransom demanded, Pennsylvania Democrats spokeswoman Stacey Witalec also would not tell NBC if the data was backed up or if the attackers identified themselves.

When asked if Pennsylvania Senate Democratic Caucus intended to pay the unknown ransom amount, Witalec said, “At this point we are working with Microsoft to see where we’re at.”

Pennsylvania’s attorney general’s office is also looking into the ransomware attack, which it claimed to “take very seriously.”

Despite the continual flow of news related to ransomware, government and local agencies, police departments, transit systems, hotels, universities, hospitals and even city’s surveillance networks are still falling as victims of such attacks. Bad guys continue to profit and there is no indication that the ransomware situation will do anything other than get worse.

As Lucian Constantin pointed out, don’t back up to an external drive always connected to your computer. He suggested, “The best practice is to use what some people call the 3-2-1 rule: at least three copies of the data, stored in two different formats, with at least one of the copies stored off-site or offline.”

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Uncategorized

Leave a Reply