The U.S. Marshals Service (USMS), a bureau within the Justice Department, recently revealed that it is investigating a ransomware attack that affected “a stand-alone USMS system.”
The USMS is responsible for apprehending fugitives, protecting federal judges, assuring the safety of government witnesses and their families, and managing seized assets. They said the attack occurred on February 17, and the spokesperson Drew Wade said it was a “ransomware and data exfiltration event affecting a stand-alone USMS system.”
According to the USMS, the ransomware attack did not impact any of its core mission operations: “the affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees,” Wade added.
Ransomware attacks are still very dangerous
The USMS is the latest federal agency to be a victim of a ransomware attack. Cybercriminals have increasingly targeted government agencies, healthcare providers, and other critical infrastructure organizations with ransomware attacks in recent years.
Ransomware attacks typically use malware to encrypt a victim’s files or lock them out of their own systems, demanding payment in exchange for a decryption key or the promise to restore their system access.
The compromised system is now disconnected from the USMS network, and it has been labeled as a major incident. Some sources have indicated that the USMS’ Witness Security Files Information System (WITSEC or the witness protection program) database is not compromised.
The USMS has launched an investigation into the attack in response to the incident and is working to enhance its cybersecurity measures to prevent future incidents. The USMS’s experience serves as a reminder of the growing threat of ransomware attacks and the need for organizations to remain vigilant and proactive in protecting their systems and data.
Keep in touch with our blog to read the latest news and innovations in the cybersecurity world.
Facebook: Eagle Tech Corp
LinkedIn: Eagle Tech
YouTube: Eagle Tech Corp