Ransomware attack hits state servers


Louisiana State Police issued a notice that all DMV/OMV locations statewide were closed Monday-Wednesday, Nov. 18-20. The notice stated due to ongoing network restoration efforts by the La. Office of Motor Vehicles and the Office of Technology Services, all OMV offices will remain closed throughout the day.

As electronic services are restored and tested for full operational capabilities, office openings will be evaluated and announced to the public. OMV Commissioner Karen St. Germain originally ordered all office locations to delay opening until noon Tuesday.

The delayed opening, which was then revised to a full day’s closure, was to allow OMV employees and OTS representatives time to ensure that all public systems are operational and ready for full service. While many systems were back online, the public was asked to refrain from non-critical OMV tasks. The state servers were victims of ‘ransomware.’ Ransomware, often spread through phishing emails, denies access to computer systems or data until the user pays a ransom, according to the Louisiana Cyber Security Commission. If the demands are not met, the person conducting the ransomware attack could keep the data unavailable or delete it.

The machines go out onto the internet and look for vulnerabilities in systems, then attach ransomware to them. The state might have picked up the virus when someone went to a dangerous website or tried to upload a game on their work computer according to the La. Cybersecurity Commission.

The most likely culprit was a state worker clicking on some suspicious email or link. Gov. John Bel Edwards’ administration said many online services and state websites that officials shut down Monday to prevent further spread of the malware came back online Tuesday. Still, the state’s 79 motor vehicle offices remained closed as the systems were rebooted. Seven agencies were either directly or indirectly affected.

They include the Department of Public Safety, Office of Juvenile Justice, Department of Health, Department of Education, Department of Environmental Quality, Department of Revenue and the Division of Administration. The state IT team noticed the ransomware virus and took action. According to one source, the state shut down their computer systems to avoid infecting state internet servers.