Attorney General’s office still locked out of computer systems nearly month after ransomware hack

Illinois Capitol News

SPRINGFIELD, Ill. (NEXSTAR) — Top officials at Illinois Attorney General Kwame Raoul’s office still cannot access their email accounts nearly a month after “ransomware” hackers breached their computer systems and threatened to publish sensitive materials unless the state paid a ransom.

According to a statement published on the Attorney General’s website, the hack was first noticed on Saturday, April 10th. Raoul’s office first acknowledged the breach late last week. A spokesperson for his office did not directly answer whether or not they were considering making payments to regain access to the network.

The FBI is already investigating the hacking group known as “Dopple Paymer” for suspected ties to a Russian cyber group.

“I don’t think you should pay,” state representative Jaime Andrade (D-Chicago) said in a Tuesday interview. “Because what happens is they’re just going to come right back at you.”

Andrade sits on the House Cybersecurity, Data Analytics, and IT Committee, and says Illinois struggles to compete with the private sector to attract the best cybersecurity experts.

“In order to get your top, top person, you’re going to have to spend the money, and it’s difficult,” he said.

The Illinois Department of Innovation and Technology is usually tasked with securing state computer systems. In this case, the Attorney General’s office turned to outside consultants for help.

“We do not yet fully have access to the office’s network as we work around the clock to rebuild it, and we are in close contact with outside technology experts and law enforcement to ​understand the full extent and scope of the compromise,” spokeswoman Annie Thompson wrote in an email.

Thompson’s response came from a new email address established after she and other officials in the office were locked out of accessing their accounts. She did not say whether or not the victims whose personal information was stolen in the hack have been notified directly.

“Our ability to provide certain information is limited at this time, as we restore the integrity, security and confidentiality of the office’s computer network and seek to not compromise an ongoing investigation,” she said.

The Auditor General’s office flagged 10 state agencies or universities for cybersecurity risks in 2019. Five of them, including the Illinois State Board of Elections, Southern Illinois University, and the Departments of Revenue, Healthcare and Family Services, and Employment Security had already experienced known breaches.

“The risk is there,” Auditor General Frank Mautino said. “And it grows greater with the ability of the the guys who are doing the hacking, or the companies doing the hacking, to find ways around our controls. So it has to always be changing and be be continually upgraded.”

Mautino said several state agencies “need to raise the level of awareness about the vulnerabilities because there are many.”

Copyright 2021 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.