Attorney General’s office still locked out of computer systems nearly month after ransomware hack


SPRINGFIELD, Ill. (NEXSTAR) — Top officials at Illinois Attorney General Kwame Raoul’s office still cannot access their email accounts nearly a month after “ransomware” hackers breached their computer systems and threatened to publish sensitive materials unless the state paid a ransom.

According to a statement published on the Attorney General’s website, the hack was first noticed on Saturday, April 10th. Raoul’s office first acknowledged the breach late last week. A spokesperson for his office did not directly answer whether or not they were considering making payments to regain access to the network.

The FBI is already investigating the hacking group known as “Dopple Paymer” for suspected ties to a Russian cyber group.

“I don’t think you should pay,” state representative Jaime Andrade (D-Chicago) said in a Tuesday interview. “Because what happens is they’re just going to come right back at you.”

Andrade sits on the House Cybersecurity, Data Analytics, and IT Committee, and says Illinois struggles to compete with the private sector to attract the best cybersecurity experts.

“In order to get your top, top person, you’re going to have to spend the money, and it’s difficult,” he said.

The Illinois Department of Innovation and Technology is usually tasked with securing state computer systems. In this case, the Attorney General’s office turned to outside consultants for help.

“We do not yet fully have access to the office’s network as we work around the clock to rebuild it, and we are in close contact with outside technology experts and law enforcement to ​understand the full extent and scope of the compromise,” spokeswoman Annie Thompson wrote in an email.

Thompson’s response came from a new email address established after she and other officials in the office were locked out of accessing their accounts. She did not say whether or not the victims whose personal information was stolen in the hack have been notified directly.

“Our ability to provide certain information is limited at this time, as we restore the integrity, security and confidentiality of the office’s computer network and seek to…

Source…