Cybersecurity

WannaCry hits Chicago-area county, marking first confirmed government infection in U.S.

Cook County, Illinois, reports its cybersecurity team is handling the situation and operations are stable.

May 15, 2017

A fast-spreading global ransomware campaign has found its first local government target in Illinois, StateScoop has learned. Cook County’s incident is the first known government infection of the WannaCry virus in the U.S.

The county, which includes the City of Chicago, confirmed to StateScoop that its Bureau of Technology found the ransomware on “a small number of systems” on Friday.

“We initiated our standard security procedures to address the issue. No major Cook County operations are impacted at this time,” said spokesperson Frank Shuftan.

On Friday, a barrage of phishing emails containing WannaCry, also known as WannaCryptor, were sent to targets across Europe. In less than 24 hours, the ransomware campaign successfully infected thousands of computers across not only Europe, but also in the U.S., Asia, Africa and South America. It effectively locks out users from their systems and data unless they pay for a decryption key.

This computer virus spread quickly outside the bounds of initially compromised organizations because it leverages a powerful software vulnerability that is believed to have been developed by the National Security Agency and leaked by a rogue group in April. The leak likely happened when the NSA’s software was detected by hackers, who then repackaged its use of backdoors and digital keys into the virus. The hacker group known as The Shadow Brokers are reportedly responsible for the malware.

The most detrimental effects of the virus reported so far were observed in European hospitals where health care providers were unable to access patient data to deliver treatment.

A Google security researcher pointed out that the software used in the global attack shares code with malware written by a group of North Korean hackers known as the Lazarus Group, though definitive proof of the ransomware’s origins remains elusive.

No government official has yet attributed the attack to any party, nation-state or otherwise.

This story was updated shortly after publication to include additional details as they were uncovered.

WannaCry hits Chicago-area county, marking first confirmed government infection in U.S.

More Like This

CISA, FBI urge local election offices to move to .gov domains

White House officials meet with state, local leaders on AI governance

South Carolina legislature claims treasurer risked cyberattack, didn’t disclose $1.8B in state funds

More Scoops

Ransomware Attacks Map chronicles a growing threat

Ransomware demanded $5.3M from Massachusetts city in July attack

Ransomware hits everywhere, but governments pay 10 times more

BlueKeep vulnerability a ‘bleak’ situation for local governments, Tenable CTO says

Russian intelligence officers targeted state and county election boards, U.S. Justice Department alleges

Atlanta was not prepared to respond to a ransomware attack

State and local governments face a disturbing cybersecurity threat

Latest Podcasts

WannaCry hits Chicago-area county, marking first confirmed government infection in U.S.

How North Carolina completed its next-generation 911 project

Covered CA’s Karen Johnson on how AI is transforming health insurance for Californians

New Hampshire’s Rich Lavers talks AI’s potential to streamline government services

State

City

Modernization

Cybersecurity