The Pennsylvania State Democratic Caucus has taken its computer systems temporarily offline following a ransomware attack.
According to PennLive, the caucus discovered the attack early in the morning on 3 March. Offices remained open throughout the day. Even so, members and employees alike couldn’t access systems or data because the ransomware had spread throughout the network.
Caucus spokeswoman Stacey Witalec confirmed that IT professionals had not restored the affected systems as of 5:15 pm in the afternoon on 3 March. As of this writing, the website remains down. Visiting pasenate.com, the caucus’s website, yields only an “Error establishing a database connection” message.
The attack has prompted the state attorney general to get involved. Joe Grace, spokesman for Attorney General Josh Shapiro, confirmed as much in the evening on 3 March. He said Shapiro “spoke with [Caucus] Leader [Senator Jay] Costa this afternoon and the office is looking into the cyber-attack, which we take very seriously.”
At this time, there’s no evidence to suggest the ransomware compromised any caucus data or targeted Senate Democrats specifically. The FBI is scheduled to begin investigating the infection to verify those claims.
This infection is not the first time ransomware has struck local government bodies.
In late January 2017, a police department based in Texas suffered an attack at the hands of a computer virus known as “Osiris,” which might be referring to a Locky ransomware variant of the same name. The ransomware encrypted Microsoft Office documents along with photographs and video files and demanded $4,000 in ransom. The police department ultimately decided not to pay the ransom despite not having copies of some of the affected videos and photographs.
Approximately one week later, an Ohio county suspended its IT system after ransomware infected more than a thousand computers in its government center. The attack didn’t halt all county business. But it did restrict employees and officials with limited computer availability.
These infections highlight the need for organizations to invest in ransomware prevention strategies. Companies should also create a robust data backup strategy just in case they suffer an infection.