Servers associated with the Administrative Office of the Courts (AOC) in Georgia were reportedly down after a ransomware strain was able to penetrate their network. Upon this discovery, the network was shut down. As of now, there is no known data exfiltration and a spokesperson for the office assured that there was no PII on the systems. The AOC website was also offline due to the infection. The technical data regarding the breach has yet to be figured out, but investigations are pending. More details are likely to be released as this story develops over the course of the next week or two.
Analyst Notes
Users should not pay ransoms, as they are likely to be used to pay for other campaigns. Paying the ransom does not always mean the data will be returned. Many of these ransomware attacks can be prevented with proper network security parameters.
