Seriously, how does stuff like this happen in this day and age of software and hardware protections?
Because, apparently, the USMS isn’t keeping track of employee use of the internet AND ensuring they have morally decent employees who aren’t there to goof off and surf the net.
I am in the cybersecurity industry and the simple answer is that the basic controls that we have known about for 30 years are simply not being implemented.
No protection is foolproof. Many of them are more hype than help. Like Rurudyne said, ‘someone clicked an ad’. Well, it could have been that simple, if the site with the malicous scripts wasn’t already flagged by security software. Or perhaps more likely, someone in the marshals office was doing a porn investigation and went to the wrong place, or someone fell for a bad phishing or attack email. Most of them are easy to spot, but some are very clever, and mimmick people inside your organization to get you to let your guard down and open malicious attachments.
You’d like to think that government offices and agencies have these iron-clad security protections and procedures, but much of the time, they have people have various kinds of jobs and many of them are not very tech savy at all.
Where I would fault them more is if their IT people weren’t making secure backups of their systems and databases. A ransomware attack is annoying mostly for your downtime, but not catastrophic if you have redundancies and backups.