IT systems in US prison infected with ransomware; dozens of prisoners who were due to be released will remain in jail

A security report claims that computer systems in St. Clair County, Illinois suffered a ransomware infection that disrupted their regular operations and has interrupted the process of releasing and reviewing the sentence of some prisoners at the local jail.

One of the people affected by this incident is a woman who has been waiting for her boyfriend’s release for almost two days: “I want to know what’s going on. I have only been told that at the moment no one can be released and no one can pay bail,” the woman says. The woman, who requested anonymity, says that even though the charges brought against her boyfriend were dismissed on Monday, the individual remains in jail.

Jeff Sandusky, IT director in St. Clair County, said his team has been working to address what he defined as “some network issues detected over the weekend.” The official did not elaborate and did not confirm whether these problems are the cause of the failures in prison administration services.

On the other hand, cybersecurity specialist Shaji Khan mentioned that some hacking groups could have claimed responsibility for the attack: “Dozens of Twitter accounts operated by alleged cybercriminals claim to have carried out an attack that led to the leak of 2.5 GB of information collected by St. Clair County.” However, some samples from this compromised database appear to show that this information belongs to a small town with the same name but located in the state of Michigan.

Sandusky concluded by mentioning that the systems will be back online in the coming days, although this does not seem a sufficiently satisfactory response for the relatives of people who have not been able to be released: “The authorities must do something about it. How is it possible that there are no systems to attend to the affairs of almost 2 thousand prisoners?” the woman concluded.

For further reports on vulnerabilities, exploits, malware variants, cybersecurity risks and information security courses fell free to visit the International Institute of Cyber Security (IICS) websites, as well as the official platforms of technology companies.