Ryuk Ransomware Strikes Again: Second Outbreak Hits Louisiana

Ryuk Ransomware Strikes Again

Ryuk ransomware continues to wreak havoc – and one U.S. state in particular recently suffered from another successful attack that likely could have been prevented. 

Several school districts and government offices in Louisiana were hit by an attack this summer. Unfortunately, the story was just repeated as several state agencies fell victim to another attack on November 18. In this case, the cyberattack shut down systems in the governor’s office, the Department of Motor Vehicles, the Department of Health, and The Department of Children and Family Services.

Once again, it is believed that the ransomware infection started as the result of a phishing email, an attack vector that continues to prove extremely effective.

Fast reaction

Luckily, this attack was recognized relatively quickly, so the state’s IT and cybersecurity response teams immediately shut down several websites and online services to keep the ransomware from spreading to other agencies. Louisiana representatives reported that several servers were affected which, as expected, resulted in several service disruptions.

Today, we activated the state's cybersecurity team in response to an attempted ransomware attack that is affecting some state servers. The Office of Technology Services identified a cybersecurity threat that affected some, but not all state servers. #lagov #lalege

— John Bel Edwards (@LouisianaGov) November 18, 2019

Governor John Bel Edwards reported that the state did not pay a ransom and did not lose any data since the state was able to restore its systems from backups.

What they did lose was a lot of time – and time is money. In fact, some services were offline for more than a week, during which time people couldn’t get the services they expected.

While ransomware attacks targeting organizations are constant – experts estimate they occur every 14 seconds – the truth is this lost time and money can be prevented.

Preventing cyberthreats

A recently released study by Emsisoft tells us that during the first nine months of 2019, more than 600 ransomware attacks battered government offices, school districts, and healthcare providers across the U.S. (although we think that the actual figure is much higher). And while that figure is for in U.S. only, the same story is happening around the globe.

The situation caused the U.S. Senate to recently pass a bill creating cyber hunt and incident response teams at the Department of Homeland Security. These teams will assist targets of ransomware and other cyberattacks. Their strategies and tactics should help improve the situation a bit – but the key point is to prepare before an attack occurs.

If the local governments use modern cyber protection solutions, which combine reliable backups with cutting-edge anti-ransomware technologies, they could recover from incidents in a matter of minutes or hours – preventing weeks or months of downtime.

Proven anti-ransomware software

Acronis Active Protection, our artificial-intelligence-based anti-malware defense, is able to stop such new ransomware strains in real-time and automatically restore any damaged files. Integrated into cyber protection solutions like Acronis Cyber Backup for businesses and our personal solution Acronis True Image – and available for service providers to add to their offering via the Acronis Cyber Cloud – it’s been shown by independent lab testing to be the most effective solution against zero-day ransomware attacks, cryptojacking attacks, and defending Acronis backups from being targeted.

More importantly, it’s so effective it stopped more than 400,000 ransomware attacks last year, preventing an estimated $200 million in damages.

To learn more about the newest ransomware threats like Ryuk, be sure to bookmark Acronis’ new ransomware page, which includes profiles of the latest, notorious ransomware threats.