Luzerne County in Pennsylvania hit with virus attack

• A county worker opened a malicious attachment sent by attackers via a phishing email, which led to the virus infection.
• The virus attack has forced court branch employees to manually process jury paperwork.

Threat actors infected Luzerne County’s systems with a virus causing the county to shut down the majority of its servers.

What happened?

A county worker opened a malicious attachment sent by attackers via a phishing email, which led to the virus infection.

County officials learned about the incident on May 25, 2019, after the County computer network monitoring systems started displaying warnings about an unusual virus activity. Upon which, the County shut down the impacted systems to prevent the infection from spreading.

What is the impact?

• The computerized property assessment records system in the assessor’s office is down.
• County courthouse servers are impacted.
• Some of the IT servers are infected and few confidential files are corrupted.
• The Landex Remote deed access system is down, therefore, real estate deeds that are time-stamped couldn’t be entered into the system.
• Similarly, no county civil court filings appeared in the computerized prothonotary docket.
• The virus attack has forced court branch employees to manually process jury paperwork.

However, a few computers were operational in the county clerk of courts office. The county 911 department and emergency management agency servers, as well as election results servers, were not impacted as they were kept on an isolated standalone network.

What was the immediate action taken?

• Upon discovery, County officials shut down all the impacted servers to contain the virus infection.
• The County has started the cleanup process and has implemented emergency operation plans to continue daily services without disrupting the remediation process.
• The administration has planned to scan each and every server as well as computer stations to determine if any viruses are present.

David Parsnik, County Administrations’ Services Division Head said on May 29, 2019, that the clean-up process might take several days to complete and that the servers might be shut down until June 03, 2019, in order to properly remediate any damage caused by the virus attack.

“Court employees are working very hard to minimize disruptions, but in a world where we’re dependent on computers, it will take a huge effort by staffers,” County Court Administrator Michael Shucosky said, Times Leader reported.