True North Networks Blog
Massachusetts Public Defender System Hit with Ransomware Attack
The Massachusetts Committee for Public Counsel Services (CPCS) is in the process of restoring its systems from backups in the wake of a February ransomware attack. CPCS CIO Daniel Saroff says that the organization’s network was hit with both a Trojan and ransomware. The organization did not pay the ransom. The attack has caused attorneys who work through CPCS’s bar advocate program to miss a payday. A notice on the website as of Monday evening March 18, says “CPCS’s computer systems have been attacked and are not working properly. We are still representing clients. In addition, there is no evidence that confidential information from clients has been released as a result of these attacks.”
The Massachusetts public defender agency has been unable to access its IT network for weeks, following a cyber attack that forced the shutdown of its email service.
The Committee for Public Counsel Services suffered both a ransomware attack, in which hackers demand money to restore access to data, and a Trojan horse attack in which malicious software is installed on a network, CPCS Chief Information Officer Daniel Saroff told MassLive.
The committee, which employs staff attorneys but also manages the bar advocate program that assigns private lawyers to represent indigent criminal defendants, immediately shut down its servers to prevent further damage, Saroff said.
That has left CPCS unable to pay the bar advocates who handle 80 percent of the public defender caseload in Massachusetts, CPCS told MassLive. CPCS has since cleared the ransomware off its network and is gradually restoring its systems from backup data.
“The comptroller and the courts and executive branch and the legislature have all been extremely supportive of us," CPCS General Counsel Lisa Hewitt said.
CPCS refused to meet the payment demands made by the hackers, both because the committee had backups of its data and because complying with hackers can leave agencies vulnerable to future attacks, Saroff said.
The agency posted a notice on its website on Feb. 28 saying that its email service was down, but at that time did not publicly disclose the hack.
Saroff said that the organization has hired two consulting firms to assist in the recovery and harden its security. CPCS has not identified any data that was stolen, though that remains under investigation.
CPCS has contacted the Massachusetts Attorney General’s Office and the Office of Consumer Affairs and Business Regulation, as is standard protocol following a cyberattack, the committee told MassLive.
CPCS is working with the state comptroller’s office to speed payment to bar advocates, who have so far missed one payday.
“Our office is aware of this and we are reaching out to gather more information," a spokesperson for the Office of Attorney General Maura Healey said in a statement.