Pennsylvania Senate Democrats resist ransom in cyberattack

HARRISBURG, Pa. (AP) — Pennsylvania’s top state Senate Democrat said Monday that no ransom has been paid to resolve a cyberattack that shut down the caucus’ network and prompted an FBI investigation.

Senate Democrats’ computer network, including their email system, remained inaccessible Monday, three days after the “ransomware” attack was discovered by technology staff who received an alert that the network had been breached.
Senate Minority Leader Jay Costa, D-Allegheny, would not say what sort of ransom had been demanded, but he said none had been paid, and he and other Senate Democrats said they were not inclined to do so.

“Right now we have no intention of dealing with the demand,” Costa said.

A ransomware attack is typically aimed at stealing sensitive information in an attempt to be paid for the data’s return, often in a digital currency.

For the time being, Costa said, Senate Democrats were focused on trying to restore access to the network, which contains a wide range of documents, from policy work to constituent case files.

Sen. Daylin Leach, D-Montgomery, said the hackers gave a one-week deadline to pay the ransom, or they would destroy the data.

Costa said he could not say whether there was a deadline. But he also said that the caucus, as a matter of routine, backs up its emails, documents and data, much of it nightly, and that it could be loaded into the network once it is available and safe.

Microsoft was doing a forensic audit to try to figure out who penetrated the network and how, and Costa said the caucus may know more in the next day or two. Senators and staff who tried logging in initially received a message instructing them to click on a link for information on how to recover the data on their network.

Costa said the Philadelphia and Pittsburgh offices of the FBI were working on the case.

A spokeswoman at the FBI’s Philadelphia office said that, under Department of Justice policy, the agency will not provide any update on an ongoing investigation unless or until charges are filed.

Leach said his office has lost access to all of the paperwork on file for constituent requests and the state grants he was trying to get for his district.

“In the short-term, we can sort of make do,” Leach said. “There are some problems long-term.”