Cyber Incident Victim: Georgia Motor Carrier Compliance Division
Date: Jul 2019
Location: United States of America
Summary
A ransomware attack targeted multiple state law enforcement agencies, including the Georgia Motor Carrier Compliance Division, disrupting operations by compromising computer networks. The infection originated on a field laptop before spreading to other workstations, prompting authorities to shut down the entire network to contain the threat. This forced personnel to rely solely on radio dispatch and phone communications for law enforcement activities, significantly hindering their ability to access digital information systems. While core duties remained possible, the incident caused major operational challenges. Multiple IT specialists and federal investigators collaborated to address the attack, though the specific ransomware demands were not publicly disclosed during the initial response.
Description
On July 25, 2019, the Georgia State Patrol (GSP) detected a ransomware attack originating from a field laptop, triggering a multi-agency cybersecurity incident. Within 24 hours of initial detection, the malicious activity spread to additional workstations across three state law enforcement agencies: the Georgia State Patrol, State Capitol Police, and the Motor Carrier Compliance Division (identified as the commercial enforcement division in reports). Officials disabled the entire network serving these agencies as a containment measure, forcing all affected systems offline. The ransomware disrupted normal operations by blocking access to computer networks essential for information research and administrative functions. Law enforcement personnel transitioned to radio dispatch communications and telephone lines to maintain critical operations, though the network shutdown caused significant workflow interruptions. No specific ransom demands or payment instructions were publicly disclosed in initial reports.

The attack caused major operational disruptions but did not prevent officers from performing core law enforcement duties. Response efforts involved coordinated investigations by multiple IT agencies and cybersecurity specialists, with the FBI formally joining the investigation by July 28. Network systems remained offline through at least July 27 as containment and forensic analysis continued. The incident specifically impaired officers' ability to conduct database queries, process digital records, and access networked resources required for routine operations. No data theft or secondary impacts beyond the ransomware encryption were confirmed in available reporting. Restoration timelines and technical specifics regarding the ransomware variant were not disclosed during the initial response phase.
