USA – GEORGIA Trends and Developments Contributed by: Rose J Hunter Jones and Meredith Perlman, Hilgers Graben PLLC
and backdoor vulnerabilities, and prevent future incidents. LockBit, which claims to have attacked over 2,000 victims worldwide and collected over USD120 million in ransom payments, may have suffered a significant operational setback due to the server seizures. However, whether the syndicate remains a future threat is yet to be determined. University System of Georgia data breach In May 2023, the University System of Georgia (USG) became one of over 2,000 organisations impacted by the widespread MOVEit attacks. A year later, in May 2024, USG disclosed that the attack affected approximately 800,000 individu - als associated with its 26 public colleges and universities, including current and former stu - dents, staff, contractors, and other personnel. With the help of the Federal Bureau of Investi - gation (FBI) and Cybersecurity & Infrastructure Security Agency (CISA), USG determined that sensitive personal data, including Social Securi - ty numbers, date of birth, bank account informa - tion, and Tax IDs, had been accessed by unau - thorised actors. USG began notifying affected individuals in April 2024 and published a notice on its website. The breach was traced to vulnerabilities in the MOVEit Secure File Transfer software, which USG had used to transfer and store sensitive data. Exploiting these vulnerabilities, attackers were able to gain unauthorised access to the files stored on the MOVEit platform. Following the discovery of the breach, USG took steps to block the compromised software and subse - quently updated and secured it in accordance with guidance from CISA. To mitigate the impact of the breach, USG offered 12 months of credit
monitoring services to those affected by the data breach. This incident underscores the critical importance of not only securing internal systems but also ensuring that all third-party solutions adhere to the highest security standards. The MOVEit breach highlights how vulnerabilities in vendor software can expose organisations to significant risk, emphasising the need for comprehensive oversight and robust cybersecurity protocols across all aspects of data management. Cyber-attacks against election offices In October 2024, the Georgia Secretary of State’s website was targeted by foreign hack - ers in an apparent attempt to restrict Georgia voters from requesting absentee ballots for the 2024 presidential election. The attack utilised a technique where thousands of IP addresses from various countries flooded the website with requests, aiming to overwhelm the system and take it offline. While the attack slowed the Georgia Secretary of State’s website, the system successfully thwarted the attack and there was no disruption to voter services. Geor - gia voters retained the ability to request absen - tee ballots without interruption. Earlier in the year, on 15 April 2024, Coffee Coun - ty’s voter registration server was also attacked, with evidence suggesting it was a ransomware attack. Such attacks typically involve locking access to systems until a ransom is paid. In response, Coffee County severed its con - nection with GARViS, Georgia’s voter registra - tion system, to prevent hackers from access - ing statewide voter registration information. The connection remained severed for several days, during which operations were restored using
555 CHAMBERS.COM
Powered by FlippingBook