Capitol Fax.com - Your Illinois News Radar



Before Attorney General was hit with ransomware attack, Auditor General’s office warned the office was sorely lacking in cybersecurity

* Dan Petrella at the Tribune

A state audit released earlier this year warned that Illinois Attorney General Kwame Raoul’s office had “weaknesses in cybersecurity” that potentially left sensitive information on the agency’s computer network “susceptible to cyberattacks and unauthorized disclosure.”

Three weeks ago, a hack resulted in data being stolen from the attorney’s office in a ransomware attack, Raoul acknowledged in a statement Thursday.

A ransomware gang known as DoppelPaymer is believed to be behind the attack, in which some data from the attorney general’s office was posted online.

Ransomware is malicious software that infects a computer system. Those behind ransomware then demand money to allow the system to work properly again.

* From the audit

Office management indicated a comprehensive internal cybersecurity risk assessment was not performed due to competing priorities within the Information Technology (IT) Bureau. In addition, the coronavirus pandemic further delayed IT initiatives since March 2020.

The lack of adequate cybersecurity programs and practices could result in unidentified risk and vulnerabilities which ultimately leads to the Office’s confidential and personal information being susceptible to cyber-attacks and unauthorized disclosure.

posted by Rich Miller
Monday, May 3, 21 @ 9:43 am

Comments

  1. …the very best of hands.

    Comment by Anon Monday, May 3, 21 @ 9:46 am

  2. Competing Priorities…Gotta love it. Is that like spending $120 million effort to restore the Armory?

    Comment by Annonin' Monday, May 3, 21 @ 10:11 am

  3. =Office management indicated a comprehensive internal cybersecurity risk assessment was not performed due to competing priorities within the Information Technology (IT) Bureau. In addition, the coronavirus pandemic further delayed IT initiatives since March 2020=

    The pandemic was actually a great time to address IT infrastructure issues. Building empty of all visitors and most staff. The Governor’s/IDPH restrictions were never directly imposed on “Governmental Agencies” so each constitutional officer should have had clear control of their agency’s activities. Absolutely no excuse for this clearly identified weakness.

    Comment by Donnie Elgin Monday, May 3, 21 @ 10:27 am

  4. In defense of the AG office, this sort of thing is really difficult, and commercial companies with far more resources and talent have suffered from similar incidents.

    Comment by Brian Monday, May 3, 21 @ 10:43 am

  5. The whole SOI network needs capital support. Even still, the effects of this hack are heightened if the CIO/CISOs are not reviewing and updating their cybersecurity response plans. Have we already forgotten ISBE?

    Comment by Dirty Red Monday, May 3, 21 @ 10:45 am

  6. Rauner’s DoIT at its finest.

    Always a shining example of efficiency and expertise.

    Comment by Mr K Monday, May 3, 21 @ 11:46 am

  7. ===Rauner’s DoIT===

    Nope. The AG’s office has its own tech division. Stop posting this falsehood or you’ll be banned.

    Comment by Rich Miller Monday, May 3, 21 @ 11:59 am

  8. As a state retiree familiar with how ancient and inadequate most state computer systems and their security are, I can expect, in the not-so-distant-future, to learn that all my personal info is exposed likewise.

    Comment by Larry Saunders Monday, May 3, 21 @ 12:16 pm

  9. I’m no expert, but as I understand it, these attacks start as pretty sophisticated phishing emails then spread throughout the system. It’s a good reminder to be careful what you click on. These aren’t Nigerian uncle phishing emails either. They’re often pretty realistic looking.

    Comment by Three Dimensional Checkers Monday, May 3, 21 @ 12:41 pm

  10. AG emails are still bouncing. I still don’t see any public acknowledgement. It’s been three weeks!

    Comment by Watcher of the Skies Monday, May 3, 21 @ 12:53 pm

  11. =due to competing priorities within the Information Technology (IT) Bureau=

    I hope the other priority was successful.

    Comment by H-W Monday, May 3, 21 @ 1:46 pm

  12. Very poorly written article by Dan Petrella at Tribune.

    “Brian” and “Three Dimensional Checkers” are on point.

    You could put all the controls you want, but cannot change the “human” element. Also, if someone is motivated enough they can go through most defenses.

    Comment by cyberluck Monday, May 3, 21 @ 2:12 pm


  13. Nope. The AG’s office has its own tech division. Stop posting this falsehood or you’ll be banned.—–

    Wow. Okay. So where on the AG’s website does it say they have an internal IT division?

    https://www.illinoisattorneygeneral.gov/

    Is this a common knowledge thing?

    Is it in the AG’s legislation?

    I’m confused. Please point me to the correct resource. Thanks.

    Comment by Mr K Monday, May 3, 21 @ 5:25 pm

  14. Is the AG’s office effectively closed? The Trib article says the system is “being rebuilt” and the consumer fraud filing said they cannot access their files. That’s consistent with a ransomware that closes off access to all files. Work product, research, investigative files would all need to be recreated.

    Comment by Anon Monday, May 3, 21 @ 10:30 pm

  15. Hopefully, the AG upgrades its system and beefs up the IT department. The IT team were generally really good (and great people), but understaffed and using badly outdated systems.

    Comment by Anon Monday, May 3, 21 @ 10:33 pm

  16. If you try calling the main Chicago number, you get what seems to be a hastily recorded voicemail box. Something like “You have reached Attorney General Kwame Raoul’s office… please leave name, etc…”

    Comment by Watcher of the Skies Tuesday, May 4, 21 @ 12:12 pm

  17. No Open Meetings Act training for newly elected local officials either:

    https://illinoisattorneygeneral.gov/downformaintenancepacmessage.html

    The entire Public Access page is down.

    Comment by Watcher of the Skies Tuesday, May 4, 21 @ 12:37 pm

  18. FOIA website is down too, since it’s hosted on the Public Access Counselor’s website.

    Comment by Anonymous Tuesday, May 4, 21 @ 1:02 pm
