The US Marshals Service is still recovering from a ransomware attack that targeted a computer system containing sensitive law enforcement data in February. The attack affected a computer network used by a Marshals Service unit called the Technical Operations Group (TOG), which provides surveillance capabilities to track fugitives.
The group operates 29 field offices in the US and Mexico and uses high-tech methods to track fugitives.
US Marshals Service spokesperson Drew Wade declined to comment on whether the TOG was affected, who was behind the ransomware attack or whether the hackers demanded a ransom for the data they stole from the Marshals Service, citing an ongoing investigation. Wade said that the hack “has not impacted” the Marshals Service’s “overall ability to apprehend fugitives and conduct its investigative and other missions.”
The affected computer system held “law enforcement sensitive information” including the personal information of subjects of Marshals Service investigations and Marshals Service employees.
This incident is at least the second significant malicious cyber incident to affect US federal law enforcement agencies in February. The FBI had to move to contain malicious activity on part of its computer network earlier in February, involving an FBI computer system used in investigations of images of child sexual exploitation.
However, there is no indication that the cyber incident at the Marshals Service and FBI are related. The weekslong recovery underlines the disruptive nature of ransomware attacks and the direct threat they can pose to US law enforcement operations. The US Marshals Service will soon bring a new version of the system online with better security.
