RAT Attack: State of Louisiana Hit with Pre-election Cyber Incident

November 6, 2020

Last week, hackers began infiltrating and deliberately breaching various local establishments and government workplaces in Louisiana. This shocking and unexpected activity prompted the state government to enlist the National Guard's assistance to try to ward off the attacks. Security researchers were called in and reported the activity on Friday of last week.

The unauthorized intrusions came during the run-up to an election in which Russian hackers are being regarded as the culprits, testing the waters by checking on the security and capacity of the authorities' networks.

According to several other reports, there have been no warning signs or indications that the Louisiana attacks, or any other hacker-related intrusions, were repurposed for an effort to compromise election systems. However, local and state officials have grown increasingly worried about the threat actors' activities: they are testing the states' cyber defenses and IT capabilities at a time when election disinformation is actively spreading and campaigns are allegedly under way to sabotage state voting activities altogether.

According to cybersecurity researchers, these hacking attacks on the state of Louisiana are the work of a RAT (Remote Access Trojan).

This type of malware is regularly used by threat actors to lay the groundwork for additional breaches. It acts as the foundation, paving the way for an even bigger series of intrusions or network sabotage.

The particular hacking tool, referred to in the cyber world as KimJongRat, has been linked in the past to the North Korean regime. The security researcher remains anonymous, citing a private investigation being made to identify any possible future indications of other attacks. The researcher also mentioned that the malware was recognized immediately by its tracks, and revealed that its code is freely available online in repositories like GitHub, which makes it available to any other hacker who would find a use for it.

Identifying the attackers will be the top priority for federal authorities. Cybercriminals have increasingly targeted local governments with ransomware in the hope of extracting hefty payments to free up crucial municipal systems. Officials and private-sector professionals are trying to determine whether any of these criminals are working with or taking orders from foreign adversaries such as Russia, China, Iran, or North Korea. It is too early to tell, however; this is merely speculation at this point.

The hackers' initial intention was probably just to install ransomware on one particular establishment and be lucky enough to get a hefty amount for it. Eventually, pride or perhaps greed gave the threat actor a bit of extra motivation, and he decided to make his name in the dark annals of cyber history.

But then again, those are mere speculations at this point.
