OMV locations to remain closed until Monday

An unauthorized download contained a virus that crippled La. government internet services, sources say

OMV to remain closed through Monday, Nov. 25

(WAFB) - Four days later and Louisianians are still waiting. Drivers trying to get license renewals, car registrations, and other services provided by the Office of Motor Vehicles will not be able to get that Thursday.

The Office of Motor Vehicles (OMV) will remain closed until Monday, Nov. 25, because of an issue indirectly linked to the attack. The OMV’s servers did not reboot properly after the state allowed them to re-access its networks, according to two workers at the Baton Rouge office.

Governor John Bel Edwards said in a press conference Thursday if your license expires during the time of the outages, you will not be fined.

An apparent “ransom” attack crippled much of Louisiana state government Monday, Nov. 18, after someone installed unauthorized software onto a state computer, Louisiana cyber security commissioner, Jeff Moulton, said Wednesday.

The software contained a virus that holds data hostage until the victim pays a ransom. Louisiana agencies have been attacked using similar ransomware a number of times in 2019, but none have paid a ransom and no data has been compromised or lost.

A number of agencies shut down their websites as a precaution to prevent the virus from spreading, part of a larger plan implemented by the cyber commission Moulton sits on.

Jacques Berry with the Division of Administration says benefits such as WIC, SNAP, etc. have not been affected, but that the enrollment process has been affected, so people are not currently able to sign up for the programs. Payroll for state worked has also not been affected, he said. Paychecks have been processed and will be dispersed as usual. Berry also says there’s still no estimate on when all state computer systems will be fully functional.

“Louisiana has very good policies and procedures for their IT infrastructure,” Moulton said. “Somebody didn’t play by that book, and if it was up to me, I’d fire that person.”

They state’s cyber security commission quickly enacted an existing plan to isolate and eliminate the virus, likely preventing further infection. The virus was contained to around 130 servers and 600 clients, a minute fraction of the state’s total network capacity.

The software on each infected computer will need to be removed and reinstalled through a process called re-imaging, but no data was compromised.

Louisiana has become a global leader in cyber security, and Moulton credits Governor John Bel Edwards for prioritizing data security and establishing the cyber commission that helped to kill the virus.

“We have other states calling us and asking for copies of our plan,” Moulton said, referencing the same plan the state followed Monday. “We’ve become the model for other states to follow.”

Edwards said Monday the Office of Technology Services (OTS) immediately initiated security protocols and out of an abundance of caution, took down state servers, which is what impacted numerous state agencies’ email, website, online applications, etc.

Websites for the Office of the Governor, Louisiana State Legislature, Office of Motor Vehicles, Department of Corrections, and more were affected.

Attempted ransomware attack causes issues for La. state websites

Moulton said you can protect your data by following the “Stop. Think. Click.” rule. Users should not click on links that seem out of place, or download software without doing research on the program.

“When your company puts a policy up that says no unauthorized software on a computer, here’s why,” Moulton said. “Our strongest line of defense is an educated user... There’s rules for a reason."

“While it is nearly impossible to prevent all cyber-attacks because we have prioritized improving Louisiana’s cybersecurity capabilities, we were able to quickly neutralize the threat. The majority of the service interruption seen by employees and the public yesterday was due to our aggressive actions to combat the attack,” Commissioner of Administration Jay Dardenne said. “We are confident we did not have any lost data and we appreciate the public’s patience as we continue to bring services online over the next few days.”

Some trucking companies in the state also had to halt their vehicles because they were unable go onto the DOTD website to apply for things like “overweight” permits during the outage. Some online services began to come back online around 5 p.m. on Monday evening. Gov. Edwards tweeted about the incident:

Edwards went on to say the state’s cyber security team was activated Monday to respond to the attempted ransomware attack. The governor’s commissioner of administration, Jay Dardenne, released the following statement Monday evening:

“No one is immune to these attempted cyberattacks, which is why Governor Edwards’ has focused on building Louisiana’s cybersecurity capabilities. Our experts train and prepare for these types of incidents and have been successful in mitigating similar issues in the past, including this summer when our teams successfully brought services back online following the cyber attack on local schools. We have confidence in our cyber safeguards, capabilities, and personnel and we are working to bring as many online services back online as quickly as we can.”

It’s expected that the full restoration of state services could take several days, according to the Office of the Commissioner.

Copyright 2019 WAFB. All rights reserved.