September 20, 2020

Volume X, Number 264

September 18, 2020

Subscribe to Latest Legal News and Analysis

September 17, 2020

Subscribe to Latest Legal News and Analysis

Louisiana State Government Systems Down Following Ryuk Ransomware Attack

Louisiana Governor John Bel Edwards activated the State’s cybersecurity team recently after several State offices’ computers started acting strangely. The IT team identified an intrusion of Ryuk ransomware, what programs were affected, and shut down computers to avoid spread of the infection.

During the outage, some State offices had no access to email, internet or applications in order to assist residents. All outgoing network traffic was terminated while investigating the cause of the infection to prevent it from spreading further. State departments were unable to provide services or information to the public while responding to the attack and investigating its cause. This included 79 offices of the Office of Motor Vehicles, which were completely shut down, meaning people could not obtain or renew drivers’ licenses or vehicle registrations. The Secretary of State’s website and app were down, and the Department of Health had no internet or email access. Those applying for coverage under Medicaid were unable to apply during the outage. The Louisiana Public Service Commission was unable to upload any reports, inspections or applications to its online database, and the Department of Revenue’s computers were silent. The attack also prevented people from applying for food stamps.

All in all, it took the State about one week to recover from the attack and to get all agencies back online. According to Louisiana officials, it was the most significant cyber event that Louisiana has ever faced, and affected 500 of the State’s 5,000 servers and more than 1,500 of its 30,000 computers. It appears that the attack was caused by a phishing attack, as the intruder was able to access the State’s system using a valid user name and password prior to downloading the Ryuk ransomware. Louisiana officials are reporting that no data was stolen during the attack, and that they will work with citizens and grant leniency as applicable, such as when someone is fined for not being able to renew their driver’s license during the outage.

Copyright © 2020 Robinson & Cole LLP. All rights reserved.National Law Review, Volume IX, Number 344


About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...