Georgia Courts Ransomware Incident

Georgia’s Judicial Council and Administrative Office of the Courts is the victim of the latest ransomware attack. While details are not yet available, some reports link the attack to the same Ryuk ransomware that hit at least two Florida local governments last month. An earlier ransomware attack on another court system in Georgia resulted in a payment to the attackers of $400,000. In Florida, almost $1.1m has been paid to the attackers by cities that were attacked there. No word yet on whether this latest victim plans to pay.

Commentary: Ransomware attacks are the most serious threat that small businesses, small government agencies, and non-profit organizations face because they are so successful against organizations without adequate technology and security practices. The amount of money required to put simple controls in place to reduce the likelihood of successful attacks, and to deal with the damage should they occur, is likely significantly less than what the victims are paying to recover their systems, not counting the damage and cost to the community caused by the organization’s inability to perform its functions.

Likely Threat(s): Nation-States, Criminals
Likely Motive(s): Espionage
Likely Means: 2.x Attack the endpoints; 5.x Attack the servers
Opportunities: Security Awareness Training, IR Planning & Preparation, Information Backups, Malware Protections, Secure Configuration Management

