Skip to content
Exterro for Law Enforcement
Get a Demo

Georgia State Bar Victimized by Ransomware Attack

Download the privacy alert!

Why This Privacy Law is Important:

Cybersecurity threats against legal industry targets have been increasing in the recent past. In this incident, which took place on April 28, 2022, a ransomware attack against the State Bar of Georgia disabled their website. Legal organizations of all sorts, from associations to law firms and service providers, must be aware of the risks and protect sensitive data accordingly.

Overview:

On April 29, 2022, the State Bar of Georgia announced on Twitter that they had been the victim of a network breach. The day prior, the association detected the breach when the head of their management information systems heard “a beeping sound” that meant the network servers were restarting, which they should not have been. A report from the association explained that he “immediately began disconnecting devices from the network. As he was doing this, he observed multiple screens going black. On further inspection, it was determined that 17 servers, including both physical and virtual, and approximately 15 workstations were encrypted with BitLocker at the disc level.”
The State Bar of Georgia locked down its network and took its website offline, replacing it with a single landing page. It hired a cybersecurity firm and began conducting a thorough forensic analysis of the breach. The bar’s first week of response focused on containing the breach, monitoring their network, and conducting a forensic investigation and ransom negotiations. As of mid-June, the bar association had continued building out a new member portal, which offered many but not all of the functions of the original site. The original association website remains offline, as State Bar of Georgia executive director, Damon Elmore, explained, “Although this has been officially described as a ransomware attack, no monetary demand has been made and no proof of possession of any personally identifiable information or other data has been provided.”

Unfortunately, this is far from Georgia’s first run-in with cybersecurity issues. In 2019, the state’s court system was hit with a ransomware incident following an even larger ransomware attack that crippled the Atlanta city government. Officials in Jackson County were forced to pay $400,000 to get rid of a ransomware infection and regain access to IT systems in March 2019.

Who it Applies to:

The State Bar of Georgia has 54,000 members, and as of its May 13, 2022 report, the association had been unable to ascertain whether any personal or confidential data had been compromised in the attack. The association and its cybersecurity partners have prioritized identifying if any PII had been accessed or compromised.

After locking down its network and reducing its website to a single landing page, the association has gradually built more functionality into its replacement. Rebuilding, testing, and the return of network access has proceeded, despite the association’s inability to negotiate effectively with the hacker(s) responsible for the attack. The temporary website provides information and allows members to perform basic functions.

Download the Privacy Alert to the right to get the full text and expert analysis!