The US Marshals Service is still recovering from a February ransomware attack on a computer system holding sensitive law enforcement data and will soon bring a new version of the system online with better security, an agency spokesperson told CNN on Monday.
“Most critical tools” related to the affected computer network “were restored within 30 days of the breach discovery” in February, US Marshals Service spokesperson Drew Wade told CNN in an email, declining to explain what those critical tools were.
The hack affected a computer network used by a secretive Marshals Service unit known as the Technical Operations Group (TOG), which provides surveillance capabilities to track fugitives, according to a person familiar with the matter. The group operates 29 field offices in the US and Mexico and uses high-tech methods to track fugitives.
Wade declined to comment on whether the TOG was affected.
The hack “has not impacted” the Marshals Service’s “overall ability to apprehend fugitives and conduct its investigative and other missions,” Wade said.
But the weekslong recovery underlines the disruptive nature of ransomware attacks – which typically lock files so that hackers can demand a ransom – and the direct threat those attacks can pose to US law enforcement operations.
The Washington Post first reported on the lingering effects of the hack and that it involved the TOG.
It’s unclear who was behind the ransomware attack or whether the hackers demanded a ransom for the data they stole from the Marshals Service. Wade declined to comment, citing an ongoing investigation.
It’s also unclear what data was taken by the hackers; a previous Marshals Service statement said simply that data was “exfiltrated” from the computer network.
The affected computer system held “law enforcement…
Read the full article here