The Indiana National Guard confirmed that a ransomware attack affected some of its members’ personally identifiable information.
On 18 October, the Indiana National Guard said in a statement that ransomware had infected a state-owned, non-military server containing the personally identifiable information (PII) of some of its personnel.
The statement did not identify the offending strain of ransomware.
Master Sgt. Jeff Lowry explained in the news release that the Indiana National Guard did not believe the attack was targeted in nature. He also noted that steps were being taken to contact civilian and military Guard members whose information might have been affected by the attack. As quoted by local media:
As a result of this action we are in the process of notifying personnel that may be affected, and that they should be alert for suspicious activity or fraudulent accounts being opened in their name.
This isn’t the first time that ransomware has infected U.S. infrastructure like the Indiana National Guard. In late spring of 2018, news emerged of how crypto-malware that had infected the City of Atlanta had wiped out years of dashcam footage generated by the Atlanta Police Department. Just a few months before that, the State of Colorado’s Department of Transportation (DOT) shut down more than 2,000 computers after its network suffered a ransomware attack. That incident followed mere weeks after a criminal who infected the computer systems of Mecklenburg County with crypto-malware demanded a ransom payment of $23,000 for the decryption key.
These incidents highlight the need for all organizations, especially government bodies and entities that help maintain the United States’ infrastructure, to protect themselves against a ransomware attack. They can do so by training their employees to avoid opening suspicious email attachments and clicking on suspicious links. They can further prevent a ransomware infection by backing up their data on a regular basis.