Georgia’s court agency becomes latest victim of ransomware attack

• The Administrative Office of the Courts was reportedly targeted with ransomware and had its systems taken offline.
• The agency provides support to state, probate, magistrate, and municipal court councils in Georgia.

Weeks after ransomware attacks took down computer networks in three Florida cities, a court agency in Georgia has fell prey to a ransomware infection. It was reported that the servers belonging to the Administrative Office of the Courts (AOC) were offline due to an unknown ransomware that made way into its network. The court agency provides support to state, probate, magistrate, and municipal court councils in Georgia.

Bruce Shaw, a spokesperson for AOC told the media that its officials quarantined the agency’s servers and cut off the network from outside contact after detecting the attack. However, it is uncertain how many computer systems or services were affected.

Key highlights

• In order to contain the infection, the agency's network was taken offline.
• Currently, there is no evidence of data exfiltration from the attack. The AOC spokesman stated that the systems did not hold or store any personally identifiable information (PII).
• The agency is yet to uncover technical details such as the type of ransomware and the method of infection used in the attack.
• The court agency also had its website shut down on Monday due to the attack. However, websites for Georgia Supreme Court and court clerks remained operational.

FBI's take on ransom payments

The Federal Bureau of Investigation (FBI) advises victims not to pay ransoms as it may lead to funding other cyber attacks. “The payment of extortion demands encourages continued criminal activity, leads to other victimizations, and can be used to facilitate additional serious crimes,” the federal agency told WIRED in a statement.

“Additionally, paying a ransom does not guarantee the victim will regain access to their data. The main thrust of the FBI’s ransomware outreach program is to inform the public that most ransomware can be prevented,” added the FBI.