Ransomware Attacks State Systems in Louisiana


Contained Ransomware and some devices were already restored.

Today, a ransomware infection has been discovered in a range of tweets by IT systems and websites managed by the Louisiana Government.

“We have activated the state’s cybersecurity team today in response to a ransomware attack on some state servers. The Technology Services Office has established a cyber security threat that affected some, but not all, state servers,” Governor Edwards said.

“OTS immediately implemented its security protocols, and out of caution took down State servers, which affected the e-mail, websites and other online applications of many State agencies,” he said.

“The disruption of service was due to OTS’ aggressive reaction to avoid further contamination of state servers and not the alleged ransomware attack,” the governor said.

Resources impacted included public government websites, but also government servers that handle email communications and internal software.

According to local news outlet WAFB9, the websites for the Governor’s Office, the Louisiana State Legislature, motor vehicle offices, the Corrections Department, the Louisiana Division of Administration, the Department of Transport & Development and more were affected.

WWLTV confirms that local authorities use Gmail accounts to communicate until the state’s email server returns online.

The extent of the damage the malware has done to the Louisiana government’s internal network is unknown.

The situation appears to be under control on the basis of public statements. All websites confirmed to have been down by WAFB9 were up and running at the time of writing, although officials have pointed out that some internal applications might still be down for the next days.

Better prepared than most, Louisiana

The rapid response of the State to the attack is no surprise. Louisiana is one of the few states in the United States that is prepared and has a cyber-attack plan in place.

In December 2017, Governor Edwards set up a Commission for cybersecurity to establish cyber attacks protocols and action plans.

During the summer Ransomware passed the first major real-world check in three school districts in Sabine, Morehouse and Ouachita.

Governor Edwards immediately declared a state of emergency in order to mobilize state resources and resolve attacks and recovery efforts. He did not declare a similar emergency today, because today the OTS identified and stopped the attack very quickly.

Edwards Governor was re-elected during the weekend.

Ransomware’s attacks are rife this year on US cities and local governments. A forthcoming study reports 81 ransomware attacks involving US local governments (as of October 2019). During one single incident during August, 22 of them were reported alone when ransomware hit 22 local Texas governments via a joint service provider.


Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.