Posted on 03/01/2023 12:52:13 PM PST by ChicagoConservative27
A major ransomware attack compromised a host of sensitive information held by the US Marshals Service, including details about potential targets of investigations and employees of the federal law enforcement agency.
The cyberattack was discovered in “a stand-alone USMS system” on Feb. 17 and prompted a forensic investigation by the Department of Justice, said Drew Wade, a spokesperson for the Marshals Service.
On Feb. 22, officials from the Marshals Service briefed investigators from the DOJ, who determined the breach was a “major incident” that affected an array of sensitive law enforcement information.
“The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees,” Wade said in the statement.
Investigators were working to determine if information compromised in the attack was posted online, according to a Feb. 27 email from US Marshals Director Ronald Davis reviewed by The Post.
(Excerpt) Read more at nypost.com ...
Someone clicked on the ad....
US Marshals agency is under DOJ.
Remember that Eric Holder announced that the DOJ would be recruiting employees with psychological problems and mental deficiencies when he was the Attorney General.
Bkmk
Seriously, how does stuff like this happen in this day and age of software and hardware protections?
Witness protection is a Marshal program
Because, apparently, the USMS isn’t keeping track of employee use of the internet AND ensuring they have morally decent employees who aren’t there to goof off and surf the net.
I am in the cybersecurity industry and the simple answer is that the basic controls that we have known about for 30 years are simply not being implemented.
”Stand-alone” system is supposed to mean it’s not connected to the network.
Supposing that is true, it would mean someone with access to the system brought the virus with them and installed it.
No protection is foolproof. Many of them are more hype than help. Like Rurudyne said, ‘someone clicked an ad’. Well, it could have been that simple, if the site with the malicous scripts wasn’t already flagged by security software. Or perhaps more likely, someone in the marshals office was doing a porn investigation and went to the wrong place, or someone fell for a bad phishing or attack email. Most of them are easy to spot, but some are very clever, and mimmick people inside your organization to get you to let your guard down and open malicious attachments.
You’d like to think that government offices and agencies have these iron-clad security protections and procedures, but much of the time, they have people have various kinds of jobs and many of them are not very tech savy at all.
Where I would fault them more is if their IT people weren’t making secure backups of their systems and databases. A ransomware attack is annoying mostly for your downtime, but not catastrophic if you have redundancies and backups.
Wanna stop this crap? Hackers and spammers should be executed. This will never happen. Domestic terrorists could shoot out power plants, blow up food storage warehouses, poison chickens, derail trains, burn down forests, and we do NOTHING. Soros is winning.
I have the same view of those bad actors.
A few not existing suddenly would stop a lot of them.
Tranny used luggage ad and sissy-boyz clicked on the attachment.
Precisely my take as well. Maybe on a flash drive.
The second recent attack on the Marshals. Something smells
Wanna stop this crap? Hackers and spammers should be executed.
I agree 1000%.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.