US Marshals Service Suffers Major Ransomware Breach

The US Marshals Service was the subject of a ransomware attack over a week ago, which compromised sensitive information, including data on fugitives.

A week ago, the US Marshals Service suffered a security breach that compromised sensitive information, according to senior US law enforcement authorities.

On Monday, US Marshals Service spokesperson Drew Wade acknowledged the breach. According to Wade, the Marshals Service "identified a malware and data exfiltration event impacting a standalone USMS system" on February 17.

US Marshals Service Cyber Attack

Wade stated that the system was unplugged from the network and that the Justice Department had initiated a forensic examination. Per NBC News, he said that after briefing senior department officials on Wednesday, "those people assessed it to be a significant incident."

The US Marshals Service experienced a massive security breach this month when hackers got into a computer system and stole data, including a wealth of personal information on investigative targets and agency staff, according to a spokeswoman for the service on Monday.

The service, a section of the Department of Justice, is responsible for the security of federal judges, the transportation of federal inmates, and the administration of the federal witness protection program. According to a senior law enforcement official, the witness protection database was not compromised, but hackers accessed information about some fugitives sought by federal authorities.

Wade described the breach, which occurred on February 17 and was caused by ransomware, as a "major event." Justice Department authorities found that the intrusion caused by ransomware constituted a "major incident."

In recent years, ransomware attacks have increased in number, scope, and complexity, highlighting the government's efforts to secure critical information. The government is investigating the attack's origin and conducting a damage assessment as Marshals Service officials strive to mitigate the risk presented by the theft of sensitive personal and investigative data.

In recent years, several government organizations have fallen prey to hackers. An increasing number of groups have gained the means and ability to steal data, damage key infrastructure, and extort payments from victims, including companies and private persons.

US Hit by Series of Data Breaches in Recent Years

During the final year of the Trump administration, a highly sophisticated Russian cyber campaign infiltrated the networks of more than 250 government departments and corporations, including the Treasury, State, Commerce, and Energy Departments, and portions of the Pentagon.

In 2015, a series of Chinese-origin cyberattacks on government systems compromised the private information of around 21.5 million people subjected to a government background check, including their addresses, health and financial histories, and other confidential facts. Also, the hackers stole federal employees' staff information and fingerprints, as per the NY Times.

Several smaller data breaches have targeted groups associated with the federal government, including the theft of sensitive data from a Navy contractor by Chinese government hackers in 2018 and the theft of tens of thousands of images of travelers and license plates stored by Customs and Border Protection in 2019.

The Biden administration has made countering ransomware a priority for national security and has successfully recovered ransoms, prevented extortion efforts, and dissolved criminal groups that conduct ransomware attacks. The Marshals Service breach is at least the second major cyberattack against federal law enforcement agencies in the United States in February. CNN was the first to report that the FBI had to limit criminal activity on a portion of its computer network earlier this month.

Two individuals with knowledge of the situation said that FBI authorities think the breach affected a computer system used to investigate photographs of child sexual abuse. There was no clear evidence that the cyberattacks involving the US Marshals Service and FBI were linked.
